AWS Transit Gateway Route Propagation
How route propagation happens at the Transit Gateway route table:
=============================================================
This applies when both a Site-to-Site VPN and a Direct Connect connection use a Transit Gateway as the AWS-side gateway; the routes are then evaluated as follows.
Ref: see the "Route evaluation order" section at https://docs.aws.amazon.com/vpc/latest/tgw/how-transit-gateways-work.html
Ref: https://www.linkedin.com/pulse/aws-transit-gateway-tgw-explained-ahmed-ali/
Transit gateway routes are evaluated in the following order:
The most specific route for the destination address.
For routes with the same destination IP address but different targets, the route priority is as follows:
1) Static routes (for example, Site-to-Site VPN static routes)
2) Prefix list referenced routes
3) VPC propagated routes (VPC Attachments)
4) Direct Connect gateway propagated routes
5) Transit Gateway Connect propagated routes
6) Site-to-Site VPN private propagated routes
7) Site-to-Site public VPN propagated routes
8) Transit Gateway peering propagated routes (Cloud WAN)
Route propagation at the VPC route table:
======================================
1) Local routes
2) Static routes
3) Propagated routes
When you have a Site-to-Site VPN and a Direct Connect connection both terminating on a virtual private gateway (VGW, no Transit Gateway) and the prefixes are the same, the VGW prioritizes routes as follows, from most preferred to least preferred:
(The VPC route table sends the traffic to the VGW; the VGW then decides which path to use.)
In both cases, VGW or Transit Gateway, the VPC route table holds only one route for the prefix; the Transit Gateway or VGW then applies the precedence below.
1) BGP propagated routes from an AWS Direct Connect connection
2) Manually added static routes for a Site-to-Site VPN connection
3) BGP propagated routes from a Site-to-Site VPN connection
4) For matching prefixes where each Site-to-Site VPN connection uses BGP, the AS PATH is compared and the prefix with the shortest AS PATH is preferred.
*** All of this is default behaviour. If you want to change anything, such as which connection is primary and which is secondary, you need to set BGP attributes on the customer gateway side (for example weight or AS PATH) to define which connection or VPN is primary and which is secondary.
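The two precedence lists above (Transit Gateway route table and VGW) follow the same shape: longest prefix match first, then a ranking by route type when prefixes are identical. The following added example, which is not part of this gist, models that selection in Python; the route-type names, attachment ids and sample prefixes are constructed for illustration.

```python
# Added example, not part of the gist: models the route selection order
# described above for a Transit Gateway route table and for a VGW.
import ipaddress

# Route-type ranking for candidates with identical prefixes (lower wins),
# taken from the two precedence lists in the text.
TGW_PRIORITY = {"static": 1, "prefix-list": 2, "vpc": 3, "dx-gateway": 4,
                "connect": 5, "vpn-private": 6, "vpn-public": 7, "peering": 8}
VGW_PRIORITY = {"dx-bgp": 1, "vpn-static": 2, "vpn-bgp": 3}


def select_route(destination, routes, priority):
    """Pick the winning route for one destination IP.

    routes: iterable of (cidr, route_type, target) tuples.
    Step 1: keep only routes whose CIDR contains the destination and take
    the most specific one (longest prefix).  Step 2: among equal-length
    prefixes, the route type with the lowest rank in `priority` wins.
    Returns (cidr, route_type, target) or None when nothing matches.
    """
    addr = ipaddress.ip_address(destination)
    candidates = []
    for cidr, rtype, target in routes:
        net = ipaddress.ip_network(cidr, strict=False)
        if addr in net:
            candidates.append((net.prefixlen, -priority[rtype], cidr, rtype, target))
    if not candidates:
        return None
    best = max(candidates)  # longest prefix first, then best (lowest) rank
    return best[2:]


# Constructed sample: one on-prem /16 learned both over Direct Connect and
# over a BGP VPN, a more specific /24 from the VPN only, and a VPC default.
TGW_ROUTES = [
    ("10.20.0.0/16", "dx-gateway", "tgw-attach-dx-EXAMPLE"),
    ("10.20.0.0/16", "vpn-private", "tgw-attach-vpn-EXAMPLE"),
    ("10.20.5.0/24", "vpn-private", "tgw-attach-vpn-EXAMPLE"),
    ("0.0.0.0/0", "vpc", "tgw-attach-vpc-EXAMPLE"),
]
VGW_ROUTES = [
    ("10.30.0.0/16", "vpn-bgp", "vpn-EXAMPLE"),
    ("10.30.0.0/16", "vpn-static", "vpn-EXAMPLE"),
    ("10.30.0.0/16", "dx-bgp", "dxvif-EXAMPLE"),
]

if __name__ == "__main__":
    for dst in ("10.20.5.10", "10.20.9.1", "8.8.8.8"):
        print("TGW", dst, "->", select_route(dst, TGW_ROUTES, TGW_PRIORITY))
    print("VGW 10.30.1.1 ->", select_route("10.30.1.1", VGW_ROUTES, VGW_PRIORITY))
```

Note that a more specific prefix learned over the VPN still beats the Direct Connect route for the /16, which is why comparing advertised prefix lengths matters before relying on the type ranking alone.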