> ## Documentation Index
> Fetch the complete documentation index at: https://developers.telnyx.com/llms.txt
> Use this file to discover all available pages before exploring further.

# AWS VXC Setup

> Step-by-step guide to provisioning a Telnyx Virtual Cross Connect (VXC) to AWS Direct Connect, including VPC setup and BGP configuration.

## Architecture

We will construct the following architecture:

<img src="https://mintcdn.com/telnyx/PAJh-h3FEJ6U1KdT/img/vxc-aws-architecture.png?fit=max&auto=format&n=PAJh-h3FEJ6U1KdT&q=85&s=3118f9be68c0be92402c302eeafdd860" alt="AWS Architecture" width="1518" height="1016" data-path="img/vxc-aws-architecture.png" />

## Prerequisites

### VPC

This step is performed on AWS.

<img src="https://mintcdn.com/telnyx/2URMJX3zP3rZ0vDO/img/vxc-aws-vpc.png?fit=max&auto=format&n=2URMJX3zP3rZ0vDO&q=85&s=1055bee5e69beb2178a8c5f702d3350e" alt="AWS VPC" width="1600" height="613" data-path="img/vxc-aws-vpc.png" />

⚠️ Note: Ensure the intended region is selected. In this example, we are using eu-central-1 as the region.

<img src="https://mintcdn.com/telnyx/PAJh-h3FEJ6U1KdT/img/vxc-aws-create-vpc.png?fit=max&auto=format&n=PAJh-h3FEJ6U1KdT&q=85&s=5799d68a2689180ff08c81af69529048" alt="AWS Create VPC" width="833" height="1132" data-path="img/vxc-aws-create-vpc.png" />

| Parameter           | Value                       |
| ------------------- | --------------------------- |
| Resources to create | VPC only                    |
| IPv4 CIDR block     | IPv4 CIDR manual input      |
| IPv4 CIDR           | RFC1918, e.g. 10.10.11.0/24 |
| IPv6 CIDR block     | No IPv6 CIDR block          |
| Tenancy             | Default                     |

### Virtual Private Gateway

This step is performed on AWS.

Create and attach a virtual private gateway to the VPC created.

<img src="https://mintcdn.com/telnyx/PAJh-h3FEJ6U1KdT/img/vxc-aws-virtual-private-gateway.png?fit=max&auto=format&n=PAJh-h3FEJ6U1KdT&q=85&s=a2bc951aa9202fb28b584262476b722c" alt="AWS Virtual Private Gateway" width="1600" height="1151" data-path="img/vxc-aws-virtual-private-gateway.png" />

⚠️ Note: Ensure the intended region is selected. In this example, we are using eu-central-1 as the region.

<img src="https://mintcdn.com/telnyx/PAJh-h3FEJ6U1KdT/img/vxc-aws-create-virtual-private-gateway.png?fit=max&auto=format&n=PAJh-h3FEJ6U1KdT&q=85&s=4a267c0a430bb2ff82e45bca98c04d23" alt="AWS Create Virtual Private Gateway" width="845" height="757" data-path="img/vxc-aws-create-virtual-private-gateway.png" />

⚠️ Note: Amazon default ASN value is 64512. You will need this value for VXC creation.

Next, attach the virtual private gateway to the VPC created in the first step.

<img src="https://mintcdn.com/telnyx/PAJh-h3FEJ6U1KdT/img/vxc-aws-attach-virtual-private-gateway.png?fit=max&auto=format&n=PAJh-h3FEJ6U1KdT&q=85&s=f43fe9fafdc2ce555f10b4da2a7a8dee" alt="AWS Attach Virtual Private Gateway" width="1600" height="522" data-path="img/vxc-aws-attach-virtual-private-gateway.png" />

<img src="https://mintcdn.com/telnyx/PAJh-h3FEJ6U1KdT/img/vxc-aws-attach-virtual-private-gateway-2.png?fit=max&auto=format&n=PAJh-h3FEJ6U1KdT&q=85&s=0c52b0ded5b7bdfe2ed2722e0d9e402f" alt="AWS Attach Virtual Private Gateway 2" width="838" height="446" data-path="img/vxc-aws-attach-virtual-private-gateway-2.png" />

The state of the virtual private gateway will go from “Detached” to “Attaching” and finally “Attached”.

### VPC Route Table

This step is performed on AWS.

<img src="https://mintcdn.com/telnyx/PAJh-h3FEJ6U1KdT/img/vxc-aws-vpc-route-table-1.png?fit=max&auto=format&n=PAJh-h3FEJ6U1KdT&q=85&s=b8a99c82994bade9ca442ad67e094d16" alt="AWS VPC Route Table 1" width="1600" height="685" data-path="img/vxc-aws-vpc-route-table-1.png" />

<img src="https://mintcdn.com/telnyx/2URMJX3zP3rZ0vDO/img/vxc-aws-vpc-route-table-2.png?fit=max&auto=format&n=2URMJX3zP3rZ0vDO&q=85&s=032de07d534eb9034b63c74d4727225d" alt="AWS VPC Route Table 2" width="1600" height="556" data-path="img/vxc-aws-vpc-route-table-2.png" />

<img src="https://mintcdn.com/telnyx/2URMJX3zP3rZ0vDO/img/vxc-aws-vpc-route-table-3.png?fit=max&auto=format&n=2URMJX3zP3rZ0vDO&q=85&s=1bbdcd253a066d96d1f3f3379f18b531" alt="AWS VPC Route Table 3" width="839" height="420" data-path="img/vxc-aws-vpc-route-table-3.png" />

### Internet Gateway

This step is performed on AWS.

This is optional. Create and attach an internet gateway to the VPC created.

<img src="https://mintcdn.com/telnyx/PAJh-h3FEJ6U1KdT/img/vxc-aws-internet-gateway-1.png?fit=max&auto=format&n=PAJh-h3FEJ6U1KdT&q=85&s=bc7c29c08f56ac75387cbe743cdf8d41" alt="AWS Internet Gateway 1" width="1600" height="644" data-path="img/vxc-aws-internet-gateway-1.png" />

<img src="https://mintcdn.com/telnyx/PAJh-h3FEJ6U1KdT/img/vxc-aws-internet-gateway-2.png?fit=max&auto=format&n=PAJh-h3FEJ6U1KdT&q=85&s=9ec9aef9360d2e6adba32e3e4f0c45f6" alt="AWS Internet Gateway 2" width="834" height="558" data-path="img/vxc-aws-internet-gateway-2.png" />

<img src="https://mintcdn.com/telnyx/PAJh-h3FEJ6U1KdT/img/vxc-aws-internet-gateway-3.png?fit=max&auto=format&n=PAJh-h3FEJ6U1KdT&q=85&s=19f1ed51005e3ac1671f586881e82476" alt="AWS Internet Gateway 3" width="1502" height="386" data-path="img/vxc-aws-internet-gateway-3.png" />

<img src="https://mintcdn.com/telnyx/PAJh-h3FEJ6U1KdT/img/vxc-aws-internet-gateway-4.png?fit=max&auto=format&n=PAJh-h3FEJ6U1KdT&q=85&s=9008082c8a591d7bb5a0445ea2ba997f" alt="AWS Internet Gateway 4" width="830" height="360" data-path="img/vxc-aws-internet-gateway-4.png" />

<img src="https://mintcdn.com/telnyx/PAJh-h3FEJ6U1KdT/img/vxc-aws-internet-gateway-5.png?fit=max&auto=format&n=PAJh-h3FEJ6U1KdT&q=85&s=f5581bd70910137a8f1e90d648268b35" alt="AWS Internet Gateway 5" width="1496" height="683" data-path="img/vxc-aws-internet-gateway-5.png" />

<img src="https://mintcdn.com/telnyx/PAJh-h3FEJ6U1KdT/img/vxc-aws-internet-gateway-6.png?fit=max&auto=format&n=PAJh-h3FEJ6U1KdT&q=85&s=c2901b79ab51a710bd1d5d4f429160ba" alt="AWS Internet Gateway 6" width="1600" height="539" data-path="img/vxc-aws-internet-gateway-6.png" />

### Subnet

This step is performed on AWS.

Assuming you don’t have a subnet setup — Choose the VPC created. Subnet CIDR block should be chosen from within the VPC block.

<img src="https://mintcdn.com/telnyx/PAJh-h3FEJ6U1KdT/img/vxc-aws-subnet.png?fit=max&auto=format&n=PAJh-h3FEJ6U1KdT&q=85&s=cf557eb5a9cb6bbd926bd1b9f1231a75" alt="AWS Subnet" width="834" height="1215" data-path="img/vxc-aws-subnet.png" />

### EC2

This step is performed on AWS.

Assuming you don’t have an EC2 instance — spin one up in the same region. Assign the VPC and Subnet created previously. Enable public IP on the instance so you can ssh into it.

<img src="https://mintcdn.com/telnyx/PAJh-h3FEJ6U1KdT/img/vxc-aws-ec2.png?fit=max&auto=format&n=PAJh-h3FEJ6U1KdT&q=85&s=619fabe5d2861d7e755f3d4adffa0c1e" alt="AWS EC2" width="793" height="1137" data-path="img/vxc-aws-ec2.png" />

### Account ID

This step is performed on AWS.

⚠️ You would need this number when you create the Telnyx VXC later.

<img src="https://mintcdn.com/telnyx/PAJh-h3FEJ6U1KdT/img/vxc-aws-account-id.png?fit=max&auto=format&n=PAJh-h3FEJ6U1KdT&q=85&s=32d6a5f54b1393128d05aefe7a6215fb" alt="AWS Account ID" width="1600" height="355" data-path="img/vxc-aws-account-id.png" />

### Telnyx Network

This step is performed on Telnyx.

If you don't have a network created already, you may follow [this guide](https://developers.telnyx.com/docs/network/networks) to create one.

## Procedure

### Create a VXC resource

This step is performed on Telnyx.

```http request theme={null}
POST /v2/virtual_cross_connects HTTP/1.1
Host: api.telnyx.com
Content-Type: application/json
Authorization: Bearer XXX
Content-Length: 286

{
    "network_id": "314ae4ed-04f0-4111-be40-240beb7fdcf0",
    "name": "xd-frankfurt-vxc-aws",
    "cloud_provider": "aws",
    "cloud_provider_region": "eu-central-1",
    "primary_cloud_account_id": "YYY",
    "bgp_asn": 64512,
    "bandwidth_mbps": 50
}
```

| Parameter                  | Value                                                   |
| -------------------------- | ------------------------------------------------------- |
| `cloud_provider`           | `aws`                                                   |
| `cloud_provider_region`    | Match what you selected on the AWS                      |
| `primary_cloud_account_id` | AWS account ID from the last step                       |
| `bgp_asn`                  | AWS’s bgp asn which is 64512                            |
| `bandwidth_mbps`           | Chosen from available bandwidth of the VXC coverage API |

Take note of the VXC id returned in the response.

### Direct Connect

This step is performed on AWS.

If you haven’t accepted the connection from your AWS account within 1 hour of the VXC creation, the VXC would be deleted and you will have to start over.

<img src="https://mintcdn.com/telnyx/PAJh-h3FEJ6U1KdT/img/vxc-aws-direct-connect.png?fit=max&auto=format&n=PAJh-h3FEJ6U1KdT&q=85&s=9193a8c58d79ab0a7a9d7ecadb51896e" alt="AWS Direct Connect" width="1493" height="873" data-path="img/vxc-aws-direct-connect.png" />

<img src="https://mintcdn.com/telnyx/PAJh-h3FEJ6U1KdT/img/vxc-aws-direct-connect-2.png?fit=max&auto=format&n=PAJh-h3FEJ6U1KdT&q=85&s=d9ffd2b0896e2a04dcd57a6201060487" alt="AWS Direct Connect 2" width="1464" height="877" data-path="img/vxc-aws-direct-connect-2.png" />

### Enable Primary Connection

This step is performed on Telnyx.

The connection must be enabled to be used.

```http request theme={null}
PATCH /v2/virtual_cross_connects/:vxc_uuid HTTP/1.1
Host: api.telnyx.com
Content-Type: application/json
Authorization: Bearer XXX
Content-Length: 31

{
    "primary_enabled": true
}
```

At this point, the connection on AWS will show as “available”.

<img src="https://mintcdn.com/telnyx/PAJh-h3FEJ6U1KdT/img/vxc-aws-enable-primary-connection.png?fit=max&auto=format&n=PAJh-h3FEJ6U1KdT&q=85&s=ad91e94a1103127c02f37bd7d4f58b66" alt="AWS Enable Primary Connection" width="1465" height="877" data-path="img/vxc-aws-enable-primary-connection.png" />

### Virtual Interface

This step is performed on AWS.

The connection created above needs to have an interface to which to connect.

<img src="https://mintcdn.com/telnyx/PAJh-h3FEJ6U1KdT/img/vxc-aws-virtual-interface-1.png?fit=max&auto=format&n=PAJh-h3FEJ6U1KdT&q=85&s=13982cb85cf0f2140ce949a101f769b7" alt="AWS Virtual Interface 1" width="851" height="1204" data-path="img/vxc-aws-virtual-interface-1.png" />

<img src="https://mintcdn.com/telnyx/PAJh-h3FEJ6U1KdT/img/vxc-aws-virtual-interface-2.png?fit=max&auto=format&n=PAJh-h3FEJ6U1KdT&q=85&s=bf535b09b24d3e10faf1cda7a18536a8" alt="AWS Virtual Interface 2" width="809" height="1208" data-path="img/vxc-aws-virtual-interface-2.png" />

Interface Parameters

| Parameter                         | Value                                                                                                  |
| --------------------------------- | ------------------------------------------------------------------------------------------------------ |
| Type                              | Private                                                                                                |
| Connection                        | Choose the Direct Connection you accepted previously.                                                  |
| Virtual interface owner           | My AWS account                                                                                         |
| Gateway Type                      | Virtual Private Gateway and select the one you created in Prerequisite – AWS → Virtual Private Gateway |
| BGP ASN                           | 63440 - Telnyx ASN                                                                                     |
| Your router peer IP - optional    | `primary_telnyx_ip`                                                                                    |
| Amazon router peer IP - optional  | `primary_cloud_ip`                                                                                     |
| BGP authentication key - optional | `primary_bgp_key`                                                                                      |

Lastly you should see the following – the interface is “available”.

<img src="https://mintcdn.com/telnyx/PAJh-h3FEJ6U1KdT/img/vxc-aws-interface-parameters.png?fit=max&auto=format&n=PAJh-h3FEJ6U1KdT&q=85&s=31f26b071f9376c6c3e4e606db6832c0" alt="AWS Interface Parameters" width="1584" height="724" data-path="img/vxc-aws-interface-parameters.png" />

### Validate Connection

This step is performed on AWS.  ssh into your EC2 instance and either ping or traceroute to one of the IP in the route table of the VPC. You can see the route went over the VXC instead of the public internet.

<img src="https://mintcdn.com/telnyx/PAJh-h3FEJ6U1KdT/img/vxc-aws-validate-connection.png?fit=max&auto=format&n=PAJh-h3FEJ6U1KdT&q=85&s=6a02925c265334859c594ab7e1f9a677" alt="AWS Validate Connection" width="1427" height="221" data-path="img/vxc-aws-validate-connection.png" />
