Amazon VPC Peering: Overview and Configuration Example
Amazon Virtual Private Cloud (Amazon VPC) peering enables communication between two Amazon VPCs as if they were on the same network. VPC peering allows you to connect VPCs within the same AWS region or across different regions. Here's a detailed overview of Amazon VPC peering along with a configuration example:
Features of Amazon VPC Peering:
- Private Connectivity:
  - VPC peering allows private communication between instances in different VPCs as if they were on the same network.
- Inter-Region Peering:
  - VPC peering can be established between VPCs in the same region or in different regions, providing flexibility in designing multi-region architectures.
- Transitive Peering:
  - You can establish transitive peering connections, allowing VPCs to communicate through a chain of peering connections.
- Security:
  - VPC peering does not involve a gateway or a VPN connection, providing a secure and scalable way to connect VPCs.
- DNS Resolution:
  - DNS resolution across peered VPCs is supported, allowing instances to resolve each other's private DNS hostnames.
- Resource Sharing:
  - Resources such as Amazon EC2 instances, RDS databases, and others can be shared across peered VPCs.
- IPv6 Support:
  - VPC peering supports both IPv4 and IPv6 addressing.
Configuration Example:
Let's create a simple Amazon VPC peering connection between two VPCs using the AWS Management Console:
- Log in to the AWS Management Console.
- Create VPCs:
  - In the "VPC Dashboard," create the two VPCs that you want to peer.
- Create VPC Peering Connection:
  - In the "VPC Dashboard," click "Peering Connections" in the left navigation pane.
  - Click "Create Peering Connection" and provide the necessary details, including the requester and accepter VPC IDs.
- Accept Peering Connection:
  - After creating the peering connection, select it and click "Actions" > "Accept Request" in the console.
- Update Route Tables:
  - Update the route tables of both VPCs to include routes for the CIDR blocks of the peered VPC.
  - For example, if VPC A has CIDR block 10.0.0.0/16 and VPC B has CIDR block 20.0.0.0/16, update the route tables as follows:
    - In the route table for VPC A, add a route for 20.0.0.0/16 with the peering connection as the target.
    - In the route table for VPC B, add a route for 10.0.0.0/16 with the peering connection as the target.
- Configure Security Groups (Optional):
  - If needed, configure security group rules to allow traffic between instances in the peered VPCs.
- Test Connectivity:
  - Launch instances in each VPC and test connectivity between them using private IP addresses.
- DNS Resolution (Optional):
  - If you want to enable DNS resolution across peered VPCs, update the DHCP options set for each VPC to include the Amazon-provided DNS server.
- Delete Peering Connection (Optional):
  - You can delete the peering connection through the console if it is no longer needed.
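The console steps above, as an added example that is not part of the original article: a small Python script that plans the two routes from the page's CIDR blocks (10.0.0.0/16 and 20.0.0.0/16), refuses to proceed when the CIDR blocks overlap (AWS rejects such a peering request), builds a security-group ingress rule scoped to the peer's CIDR rather than to the whole internet, and, in `apply_peering`, drives the create / accept / route steps through boto3. The VPC and route-table IDs are constructed placeholders; `apply_peering` assumes boto3 and valid AWS credentials, while the planning helpers run offline.

```python
"""Plan and apply a VPC peering connection between two VPCs.

Added example (not from the original article). VPC, route-table and peering IDs
below are constructed placeholders; apply_peering() additionally assumes boto3
and valid AWS credentials, while the planning helpers run offline.
"""
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Vpc:
    vpc_id: str          # e.g. "vpc-0123456789abcdef0" (placeholder)
    cidr: str            # CIDR block assigned to the VPC
    route_table_id: str  # route table that should learn the route to the peer


def cidrs_overlap(cidr_a: str, cidr_b: str) -> bool:
    """True if the two blocks share any address.

    strict=True rejects blocks with host bits set (e.g. 10.0.0.1/16), a
    typo-class mistake that would otherwise produce a wrong route destination.
    Blocks of different IP versions never overlap.
    """
    net_a = ipaddress.ip_network(cidr_a, strict=True)
    net_b = ipaddress.ip_network(cidr_b, strict=True)
    return net_a.version == net_b.version and net_a.overlaps(net_b)


def plan_routes(a: Vpc, b: Vpc) -> list:
    """Return the route entries the 'Update Route Tables' step adds on each side.

    AWS rejects a peering connection between VPCs with overlapping CIDR blocks,
    so the plan fails early instead of creating a connection that can never route.
    """
    if cidrs_overlap(a.cidr, b.cidr):
        raise ValueError(f"CIDR blocks overlap: {a.cidr} and {b.cidr}")
    return [
        {"route_table_id": a.route_table_id, "destination": b.cidr},
        {"route_table_id": b.route_table_id, "destination": a.cidr},
    ]


def peer_ingress_rule(peer: Vpc, port: int, protocol: str = "tcp") -> dict:
    """Security-group ingress permission scoped to the peer VPC's CIDR only.

    Corresponds to the 'Configure Security Groups' step: open just the port the
    application needs, to just the peered block, rather than to 0.0.0.0/0.
    The dict has the shape boto3's authorize_security_group_ingress expects.
    """
    return {
        "IpProtocol": protocol,
        "FromPort": port,
        "ToPort": port,
        "IpRanges": [{"CidrIp": peer.cidr, "Description": f"from peer {peer.vpc_id}"}],
    }


def apply_peering(requester: Vpc, accepter: Vpc, region: str,
                  peer_region: Optional[str] = None) -> str:
    """Create, accept and route the peering connection with boto3; returns the pcx id.

    Mirrors the console steps: create the request, accept it on the accepter
    side, then add one route per side. peer_region enables inter-region peering.
    """
    import boto3  # imported here so the offline helpers above do not need the SDK

    peer_region = peer_region or region
    ec2 = boto3.client("ec2", region_name=region)
    peer_ec2 = boto3.client("ec2", region_name=peer_region)
    routes = plan_routes(requester, accepter)  # validates CIDRs before any API call

    params = {"VpcId": requester.vpc_id, "PeerVpcId": accepter.vpc_id}
    if peer_region != region:
        params["PeerRegion"] = peer_region
    created = ec2.create_vpc_peering_connection(**params)
    pcx_id = created["VpcPeeringConnection"]["VpcPeeringConnectionId"]

    # The accepter must explicitly accept; until then the connection is pending-acceptance.
    peer_ec2.get_waiter("vpc_peering_connection_exists").wait(VpcPeeringConnectionIds=[pcx_id])
    peer_ec2.accept_vpc_peering_connection(VpcPeeringConnectionId=pcx_id)

    # One route per side, each pointing at the peering connection as its target.
    for client, route in zip((ec2, peer_ec2), routes):
        client.create_route(RouteTableId=route["route_table_id"],
                            DestinationCidrBlock=route["destination"],
                            VpcPeeringConnectionId=pcx_id)
    return pcx_id


if __name__ == "__main__":
    vpc_a = Vpc("vpc-aaaa0000", "10.0.0.0/16", "rtb-aaaa0000")  # constructed IDs
    vpc_b = Vpc("vpc-bbbb0000", "20.0.0.0/16", "rtb-bbbb0000")
    for route in plan_routes(vpc_a, vpc_b):
        print(route)
    print(peer_ingress_rule(vpc_b, 443))
```

Running the script offline prints the two route entries and a single-port ingress rule; calling `apply_peering(vpc_a, vpc_b, "us-east-1")` with real IDs performs the create, accept and route steps in one go. The overlap check runs before any API call, because a peering request between overlapping blocks is rejected by AWS and, even where routes could be added, a more specific local route would silently shadow the peer route.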