Quotas - Amazon VPC

Quotas

Your AWS account has the quotas shown in the following table for AWS Cloud WAN.

The Service Quotas console also provides information about AWS Cloud WAN quotas. You can use the Service Quotas console to view default quotas and request quota increases for adjustable quotas. For more information, see Requesting a quota increase in the Service Quotas User Guide.

General

The following AWS Cloud WAN general quotas apply.

Quota Default Adjustable

Global networks per AWS account

5

Yes

Core networks per global network

1

No

Edges per Region per core network 1 No
Segments per core network 20 No
Retention duration (in seconds) for core network policies with out-of-date change sets 7776000 Yes
Number of policy versions per core network 10,000 Yes
Size of a core network policy (in KB) 100 No
Number of policy versions 10000 Yes
Number of attachments per core network 5000 Yes
Number of core network Connect attachments No limit, up to 5000 maximum attachments per core network No
Number of core network attachments per VPC 5 No
Number of core network attachments per VPN 50 No
Number of Connect peers per Connect attachment 4 No
Number of devices per global network 200 Yes
Number of sites per global network 200 Yes
Number of links per global network 200 Yes
Number of connections per global network 500 Yes
Number of transit gateway peers 50 Yes
Number of transit gateway routing tables No limit

Bandwidth

Your AWS account has the following bandwidth quotas for AWS Cloud WAN.

You can use equal-cost multipath routing (ECMP) to get higher VPN bandwidth by aggregating multiple VPN tunnels. To use ECMP, the VPN connection must be configured for dynamic routing. ECMP is not supported on VPN connections that use static routing.

You can create up to four Connect peers per Connect attachment (up to 20 Gbps in total bandwidth per Connect attachment). You can use ECMP to get higher bandwidth by scaling horizontally across multiple Connect peers of the same Connect attachment or across multiple Connect attachments. Core network cannot use ECMP between the BGP peerings of the same Connect peer.

Quota Default Adjustable

Maximum bandwidth per VPC attachment

Up to 50 Gbps

No
Maximum bandwidth per VPN tunnel

Up to 1.25 Gbps

No

Maximum bandwidth per Connect peer (GRE tunnel) per Connect attachment

Up to 5 Gbps No

Routing

Your AWS account has the following routing quotas for AWS Cloud WAN.

Quota Default Adjustable
Routes per core network (across all segments) 10,000 No
Routes advertised from VPC to core network 1,000 No
Routes advertised from core network to VPC 5,000 No
Routes advertised over VPN to core network 1,000 No
Routes advertised from core network over VPN 5,000 No
Routes advertised over Connect peer to core network 1,000 No
Routes advertised from core network over Connect peer 5,000 No

Maximum transmission unit (MTU)

Your AWS account has the following MTU quotas for AWS Cloud WAN:

  • The MTU of a network connection is the size, in bytes, of the largest permissible packet that can be passed over the connection. The larger the MTU of a connection, the more data that can be passed in a single packet. A Cloud WAN core network supports an MTU of 8500 bytes for traffic between VPCs. Traffic over VPN connections can have an MTU of 1500 bytes.

  • Packets with a size larger than 8500 bytes that arrive at the core network are dropped.

  • The core network does not generate the FRAG_NEEDED for ICMPv4 packet, or the Packet Too Big (PTB) for ICMPv6 packet. Therefore, the Path MTU Discovery (PMTUD) is not supported.

  • The core network enforces Maximum Segment Size (MSS) clamping for all packets. For more information, see RFC879.