Setup vpn connectivity between vmc on aws and onprem/remote environment.

Symptoms:
When a user is trying to create route based vpn tunnel from VMC console, tunnel goes into error state

Error seen on VMC UI:
[Routing] Subnet [169.254.10.40/30] should not overlap with existing logical router port's subnet [LRPort/91b030ec-f826-4eea-87d5-9cc30ccb94a8]

Error seen in LINT:

<99>1 2021-01-18T09:50:01.385Z mp NSX 1455 ROUTING [nsx@6876 comp="nsx-manager" errorCode="MP10048" level="ERROR" reqId="c9a28147-ce54-4948-81c9-45c3688b7c54" subcomp="manager" username="nsx_policy"] [entId=986a80ce-40ea-4611-8c32-ba13ce6c2e21] Given network [169.254.10.40/30] should not overlap with existing logical router port's subnet [LRPort/91b030ec-f826-4eea-87d5-9cc30ccb94a8]

Link local range used for bgp local and remote ip address should not overlap with reserved ip address ranges which used internally by SDDC network components.

Following are reserved address ranges in sddc networks : 

• 169.254.0.0/19
• 169.254.101.0/30
• 169.254.105.0/24
• 169.254.106.0/24

Per RFC 3927, all of 169.254.0.0/16 is a link-local range that cannot be routed beyond a single subnet. However, with the exception of these CIDR blocks, you can use 169.254.0.0/16 addresses for your virtual tunnel interfaces.

For more information on reserved ip address range, please check the reference document: 
https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws.networking-security/GUID-658253DB-F384-4040-94B2-DF2AC3C9D396.html

To create route based vpn, please check following document:
https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws.networking-security/GUID-5AF45CE6-FA53-45C0-83E5-25F8E3A055E9.html#GUID-5AF45CE6-FA53-45C0-83E5-25F8E3A055E9