Creating a Google Cloud Services Connection for an MVE with Aruba EdgeConnect SD-WAN
You can create a network connection from an MVE with Aruba EdgeConnect SD-WAN to Google Cloud through Partner Interconnect.
When connecting to Google Cloud Platform (GCP) through Partner Interconnect with Megaport ONE, the Virtual Cross Connect (VXC) forms the Layer 2 component of the connection and Layer 3 BGP is established directly between the customer and GCP.
Before you begin, create an MVE in Aruba Orchestrator. For details, see Creating an MVE. The MVE needs to be in the active state.
There are three parts to adding a Google Cloud connection to your MVE and Aruba Orchestrator.
Create a Partner Interconnect attachment in Google Cloud Console or gcloud CLI. Copy the pairing key that is provided as part of the attachment creation. For additional details, see the Google documentation on Google Partner Interconnects.
In the Megaport ONE Portal, create a VXC from your MVE to connect to your Google Cloud attachment.
In Aruba Orchestrator, create a new interface and add the details of the Google Cloud connection.
These instructions step through the second and third parts.
MVE for Aruba EdgeConnect SD-WAN requires configuration steps in both Aruba Orchestrator and the Megaport ONE Portal for all cloud connections.
Adding the Google Cloud connection in the Megaport ONE Portal
To set up the Google Cloud Platform connection, you need to create the connection in the Megaport ONE Portal. If you haven’t already created an MVE, see Creating an MVE.
To deploy a VXC to GCP from the Megaport ONE Portal
- In the Megaport ONE Portal, choose Networking > Services.
- Click the gear icon next to the MVE you want to use.
- Select Add Connection.
- Select Cloud Virtual Cross Connect as the Connection Type.
- Select Google Cloud as the Cloud Provider.
Specify the Google Configuration details:
- Google Partner Pairing Key – Copy and paste the pairing key from the Google Cloud console into the field in the right-hand pane. The relevant Google targets appear based on the region of your GCI Partner connection.
- Available Google Ports – Select the target location for your connection.
Provide these VXC Configuration details:
- Connection Name – This is a free text field allowing you to assign an easily identifiable name for this connection.
- Rate Limit – This is the speed of your connection in Mbps. The speed cannot be changed once deployed. Enter the same rate you selected for your Google port speed.
- A-End VLAN – This is the VLAN for this connection that you will receive through the MVE. This must be a unique VLAN ID on this MVE and can range from 2 to 4093. If you specify a VLAN ID that is already in use, the system displays the next available VLAN number. The VLAN ID must be unique to proceed with the order. If you don’t specify a value, Megaport ONE will assign one.
Specify the Billing Details:
Service Level Reference (optional) – Specify a unique identifying number for the VXC to be used for billing purposes, such as a cost center number or a unique customer ID. The service level reference number appears for each service under the Product section of the invoice. You can also edit this field for an existing service.
Partner-managed accounts can apply a Partner Deal to a service.
Promo Code – If you have a promo code, enter it and click Add Code.
Click Create Connection.
Review the connection details and click Confirm.
After you have deployed the VXC, go back to your attachment in the Google Cloud Console and accept it.
You will be provided your private IP address from Google to configure BGP.
Ensure that you pre-activate the attachment or mark the attachment as active after configuring the VXC. Otherwise, you cannot set up BGP with your SD-WAN instance.
The Google ASN will always be 16550.
Adding Google Cloud connection details to Aruba Orchestrator
After you create the connection from your MVE to Google Cloud and set up the connection in the Google console, you need to configure it in Aruba Orchestrator. This involves revising Orchestrator templates to add a LAN interface and configure BGP settings, ASNs, and VLANs.
To add a LAN interface in Aruba Orchestrator
Collect the connection details from the Google console.
Display the details of the connection you created in Google Cloud for this connection. Note the values for the Peer ASN, Cloud Router BGP IP, and BGP Peer IP.
Collect the connection details from the Megaport ONE Portal.
To display the details, click the gear icon for the Google connection from your MVE, select Edit, then select the Details tab. Note the value for the A-End VLAN.
Next, you will add a subinterface to your Aruba EC-V.
- Log in to Aruba Orchestrator.
- Choose Configuration > Networking | Deployment.
- Locate the appliance by the hostname and click the Edit (pencil) icon.
Add a new LAN side interface: Click +Add next to LAN Interfaces.
If this is the first LAN side service connection, click +Add. If you already have a LAN interface, click +IP under the Interface drop-down list to add a new configuration.
Here is a screen with sample values.
In the Interface dropdown menu, choose wan0.
In the VLAN field, enter the A-End VLAN value for this Google connection in the Megaport ONE Portal.
Click the Details icon for the connection in the Megaport ONE Portal to find this value.
- Optionally, select a preconfigured Label or select None.
- In the IP/Mask field, enter the A-End interface IP Address and subnet mask for this Google connection. These values are available in the VLAN attachment details in the Google Cloud console. The IP address appears in the BGP Peer IP field.
- For the Next Hop, enter the Google-side Cloud Router BGP IP address from the VLAN attachment details in the Google Cloud console.
- Specify in and out bandwidth values.
The bandwidth must be equal to or less than the MVE bandwidth limit.
- Click Apply.
- If prompted, reboot the appliance.
A reboot is required only when adding the first LAN interface, as the system switches the appliance from server mode to router mode.
After the device is reachable from Orchestrator, you can configure a BGP session.
To configure a BGP session (optional)
- In Orchestrator, go to Configuration > Networking | BGP.
- Click the Edit (pencil) icon for the appliance.
- Move the slider to Enable BGP.
- Provide the Autonomous System Number.
This is the Customer ASN (your local MVE), collected in Step 1.
- In the Router ID field, enter a system IP as required by your network design.
You can use any IP address on the MVE, such as the loopback 0 IP specified during the initial acceptance of the appliance, the interface IP on the MVE side of the VXC, or the transit IP address.
In the BGP Peers section, click Add and provide the following information:
- Peer IP – This is the local Google Cloud IP address. This value is available in the VLAN attachment details in the Google Cloud console. The IP address appears in the Cloud Router BGP IP field.
- Local Interface – Choose the newly created LAN interface (the interface is in the format wan0+VLAN).
- Peer ASN – This is the Google Cloud ASN of 16550. This is a fixed value, and appears in the VLAN attachment details on the Google console.
- Peer Type – Choose Branch.
- Enable MD5 Password – If required, select this and then enter and confirm your MD5 password. This is the BGP Auth Key in the Megaport ONE Portal.
- Click Apply.
It takes several seconds for the configuration to be pushed to the appliance. Click the refresh icon to update the data from the appliance.
When successful, the Peer State indicates Established:
Validating your Google Cloud connection
You can review connection details, including the connection state, from the CLI with these commands:
show interface wan0.<subinterface id>– Displays configuration details and current status for the appliances.
show bgp neighborsor
show bgp summary– Displays configuration details and current status for the BGP neighbors.
To start a CLI session from Orchestrator
In Orchestrator, use the mouse to hover over the appliance and click the Appliance Menu icon to the right of the appliance name.
Select CLI Session from the menu.
Enter enable mode to use the recommended CLI commands to display configuration details.