GCP 2 tier web Server with AWS - GCP005

Posted on Fri 14 June 2019 in quiz


Your website comprises two tiers: the frontend is in GCP, and the backend is in AWS. It seems your frontend server is not able to communicate with the backend server.

In this quiz, you can assume everything in AWS is set up correctly. Spot the misconfiguration in GCP.


VPC

vpc

VPC > Firewall

vpc-firewall

VPC > Routes

vpc-routes

VPC > External IP

vpc-eip

VPN > Tunnel

vpn-tunnels

VPN > Gateway

vpn-gateways

Compute Instances

compute-instance


terraform configuration file Download Terraform output


Answer
BGP neighbor IP address is incorrect.

In VPN > Tunnel, you can see that the BGP session has a problem. In GCP, the VPN status can be summarized as the following stages:
    1. VPN tunnel is established
    2. BGP peer starts communication - Initial TCP handshake
    3. BGP peer establishes the session to exchange the routing information

You can see the VPN status in VPN > Tunnel. It says "Tunnel is up and running", so step 1 is cleared.
Next, on the same page, you can see "BGP session", which shows "Waiting for peer". This means the router cannot connect to the BGP neighbor specified in this configuration.

In this case, the problem was that the IP address of the peer was configured incorrectly. In GCP, you cannot reconfigure the neighbor IP address, so you need to re-create the BGP session.
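A check for this class of mistake that can run before the BGP session is created, since the neighbor address cannot be edited afterwards. This is an added example, not part of the original quiz or its Terraform file; the function name, problem codes and sample addresses are constructed, and it assumes the usual Cloud Router arrangement in which the local BGP interface and its neighbor share one link-local /30.

```python
import ipaddress

LINK_LOCAL = ipaddress.ip_network("169.254.0.0/16")

def check_bgp_peer(interface_ip_range, peer_ip, remote_ip=None):
    """Return problem codes for one Cloud Router BGP peer; empty list means OK.

    interface_ip_range: local BGP interface address with prefix, e.g. "169.254.10.2/30"
    peer_ip:            neighbor address configured on the GCP side
    remote_ip:          address the AWS side actually uses (optional cross-check)
    """
    iface = ipaddress.ip_interface(interface_ip_range)
    peer = ipaddress.ip_address(peer_ip)
    net = iface.network
    problems = []
    # Assumption: both BGP endpoints live in a single link-local /30.
    if net.prefixlen != 30 or not net.subnet_of(LINK_LOCAL):
        problems.append("interface-not-link-local-/30")
    if peer not in net:
        # The router has no directly connected path to this neighbor,
        # so the session never gets past the TCP handshake stage.
        problems.append("peer-outside-interface-subnet")
    elif peer in (net.network_address, net.broadcast_address):
        problems.append("peer-is-network-or-broadcast")
    elif peer == iface.ip:
        problems.append("peer-equals-local-address")
    if remote_ip is not None and peer != ipaddress.ip_address(remote_ip):
        problems.append("peer-differs-from-remote-side")
    return problems

# Constructed sample values, not taken from the quiz's screenshots.
SAMPLES = {
    "good": ("169.254.10.2/30", "169.254.10.1", "169.254.10.1"),
    "wrong-subnet": ("169.254.10.2/30", "169.254.20.1", "169.254.10.1"),
    "self": ("169.254.10.2/30", "169.254.10.2", "169.254.10.1"),
}

def run_samples():
    return {name: check_bgp_peer(*args) for name, args in SAMPLES.items()}

if __name__ == "__main__":
    for name, problems in run_samples().items():
        print(f"{name}: {'OK' if not problems else ', '.join(problems)}")
```

Feed it the interface range and peer address from the Terraform plan, with the address reported by the AWS side as `remote_ip`; any non-empty result is worth resolving before the session is created.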