Overview

An SBC SWe deployment requires a VPC with sufficient IP space to support four or five IPv4 subnets:

  • Management (MGT0)
  • High Availability (HA0)
  • Packet 0 (PKT0)
  • Packet 1 (PKT1)
  • High-Availability-forwarding Engine Public Subnet (HFE Public-facing), depending on the deployment type

Using HFE

If you choose HFE, the following applies:

  • You must use a different private pkt0 subnet for each SBC HA pair. HA0, pkt1 and MGT0 subnets are sharable with other SBCs.
  • HFE templates create private pkt0 subnets for each SBC HA pair (when using the AWS_HFE_HA_template_auto_subnet.json template). 
  • You can create pkt0 private subnets before creating SBC and HFE. In this scenario, use HFE - AWS_HFE_HA_template.json to create an HFE HA pair with the subnets you provide.


If you choose to create private pkt0 subnets before creating SBC with HFE, consider the following:

Warning

You must create a different private pkt0 subnet for each SBC HA pair.


  • Private subnet – A subnet without any Internet GW attached to it. The routing table of the subnet can contain routing information only for VPC/subnets.
    • Example routing table for a private subnet:

      Destination     Target
      10.54.0.0/16    local
    • In the above example, no 0.0.0.0/0 rule is added to the routing table. Also, there is no rule to send traffic to the Internet GW; the only rule present here is "10.54.0.10/16 - local".
  • The suggested CIDR is /26 or /27 (using a /24 or larger CIDR block wastes many IP addresses).
  • Ribbon recommends using AWS_HFE_HA_template_auto_subnet.json to create the pkt0 private subnet while creating the SBC instance.  

Procedure

Create a subnet within an existing VPC, or allocate a new VPC. All four subnets must reside within the same region/VPC and availability zone.

To create a new subnet with CIDR x.x.x.x/20 within an existing VPC:

  1. Navigate to the VPC Dashboard: https://console.aws.amazon.com/vpc/


  2. Select Your VPCs on the left taskbar to see the list of available VPCs.


  3. Select Subnets on the left taskbar.
  4. Select Create subnet to create a subnet for MGT0 using a CIDR block. For example, x.x.0.0/20.

    Note

    The SBC uses the MGT0 interface for resolving communications with the AWS REST API endpoints. Because none of the SBC's subnets may overlap with the VPC's default DNS IP, use the default route of the MGT0 interface for communicating with the VPC's DNS server IP.

    To avoid routing conflicts, ensure the default DNS server IP of the AWS VPC network where the SBC is deployed either overlaps with the SBC's MGT0 subnet or none of the SBC's subnets. 

  5. Select Create subnet to create a subnet for HA0 using an IPv4 CIDR block, for example, x.x.16.0/20.
  6. Select Create subnet to create a subnet for PKT0 using an IPv4 CIDR block, for example, x.x.32.0/20.
  7. Select Create subnet to create a subnet for PKT1 using an IPv4 CIDR block, for example, x.x.48.0/20.


  8. If deploying a High-Availability Forwarded Engine instance with the SBC, use a public-facing subnet. You can re-use an existing public-facing subnet.
    If one is not available, select Create subnet to create a subnet for HFE Public-facing using an IPv4 CIDR block, for example, x.x.64.0/20.

For more information on creating subnets in AWS, refer to Creating a Subnet in Your VPC.
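
The following pre-deployment check is an added example, not Ribbon's code. It validates a planned subnet layout against the rules stated in the private-subnet section and the procedure above (subnets inside the VPC, no overlaps, DNS IP only in MGT0, /26 or /27 private pkt0, no Internet GW route). The CIDRs and the subnet name PKT0_PAIR1 are constructed, and the script assumes the VPC's default DNS server sits at the VPC base address plus two and that Internet GW targets begin with "igw-".

```python
import ipaddress as ip
from itertools import combinations

def check_subnet_plan(vpc_cidr, subnets, private_pkt0=()):
    """Return a list of problems in an SBC subnet plan; an empty list means it passes.

    subnets: {"MGT0": cidr, "HA0": cidr, ...}; private_pkt0: names of per-HA-pair pkt0 subnets.
    """
    vpc = ip.ip_network(vpc_cidr)
    nets = {name: ip.ip_network(cidr) for name, cidr in subnets.items()}
    problems = [f"{n} {net} is outside VPC {vpc}"
                for n, net in nets.items() if not net.subnet_of(vpc)]
    for a, b in combinations(sorted(nets), 2):
        if nets[a].overlaps(nets[b]):
            problems.append(f"{a} {nets[a]} overlaps {b} {nets[b]}")
    # Assumption: the VPC's default DNS server is the VPC base address plus two.
    dns = vpc.network_address + 2
    for n, net in nets.items():
        if dns in net and n != "MGT0":
            problems.append(f"{n} {net} contains VPC DNS {dns}; only MGT0 may")
    for n in private_pkt0:
        if nets[n].prefixlen not in (26, 27):
            problems.append(f"{n} {nets[n]} is not the suggested /26 or /27")
    return problems

def check_private_route_table(vpc_cidr, routes):
    """routes: [(destination_cidr, target)]. Flag anything that makes the subnet non-private."""
    vpc = ip.ip_network(vpc_cidr)
    problems = []
    for dest, target in routes:
        if target.startswith("igw-"):  # assumption: Internet GW IDs start with "igw-"
            problems.append(f"{dest} -> {target}: Internet GW target")
        elif not ip.ip_network(dest).subnet_of(vpc):
            problems.append(f"{dest} -> {target}: destination outside the VPC")
    return problems

# Constructed sample values (not from a real deployment).
VPC = "10.54.0.0/16"
PLAN = {"MGT0": "10.54.0.0/20", "HA0": "10.54.16.0/20",
        "PKT0_PAIR1": "10.54.32.0/27", "PKT1": "10.54.48.0/20"}

if __name__ == "__main__":
    print(check_subnet_plan(VPC, PLAN, private_pkt0=["PKT0_PAIR1"]))
    print(check_private_route_table(VPC, [("10.54.0.0/16", "local")]))
```

Run it against the planned CIDRs before creating the subnets in the console; each returned string names the subnet or route that breaks one of the rules.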