
Amazon VPC – Concept of VPC Peering

VPC Peering: Overview and Setup

VPC peering is a networking connection between two Virtual Private Clouds (VPCs) that lets resources in either VPC exchange traffic with each other, so workloads that live in different VPCs can exchange data according to the architecture of the service. Peered traffic uses private IPv4 and IPv6 addresses. Peering is not transitive: each pair of VPCs that needs to communicate requires its own peering connection.


Setting Up VPC Peering

To configure VPC peering, the following steps are required:

1. Have two VPCs whose CIDR (Classless Inter-Domain Routing) blocks do not overlap.

2. Create a peering connection request between the two VPCs.

3. The owner of the remote VPC approves the peering request.

4. Configure routing on both VPCs.

5. Adjust affected security groups.


To create the peering request in the AWS Console, go to the VPC Dashboard, choose VPC Peering Connections, and click the Create Peering Connection button. In the Create Peering Connection form, enter a name for the connection, the requester and accepter VPCs, and the account and region in which the accepter VPC is located. You will also need to fill in the IP range of both the requester and the accepter.

Once the request is created, the owner of the remote VPC must accept the peering request. When the requester and accepter are in the same AWS account and the peering connection is created with CloudFormation, CloudFormation attempts to accept the request automatically.


When the request is accepted, update the route tables on both sides so that traffic destined for the peer VPC's CIDR block is sent over the peering connection.
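The five steps above, expressed as a CloudFormation template for two VPCs in the same account and region (an added example, not the original post's or AWS's own code; the parameter names and the 10.0.0.0/16 and 10.1.0.0/16 defaults are assumptions, and the route table and security group IDs are passed in as parameters):

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Peer two same-account VPCs (example template; parameter names are assumed)

Parameters:
  RequesterVpcId:      { Type: "AWS::EC2::VPC::Id" }
  RequesterCidr:       { Type: String, Default: 10.0.0.0/16 }   # must not overlap AccepterCidr (step 1)
  RequesterRouteTable: { Type: String }                          # rtb-... of the requester subnets
  AccepterVpcId:       { Type: "AWS::EC2::VPC::Id" }
  AccepterCidr:        { Type: String, Default: 10.1.0.0/16 }
  AccepterRouteTable:  { Type: String }                          # rtb-... of the accepter subnets
  AccepterAppSg:       { Type: "AWS::EC2::SecurityGroup::Id" }   # security group of the peered service

Resources:
  # Steps 2 and 3: same-account request, so CloudFormation accepts it automatically.
  # For a cross-account peer add PeerOwnerId and PeerRoleArn; for cross-region add PeerRegion.
  Peering:
    Type: AWS::EC2::VPCPeeringConnection
    Properties:
      VpcId: !Ref RequesterVpcId
      PeerVpcId: !Ref AccepterVpcId

  # Step 4: one route per side, scoped to the peer's CIDR only (never 0.0.0.0/0),
  # so the peering cannot become an accidental path to anything else.
  RequesterToAccepter:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref RequesterRouteTable
      DestinationCidrBlock: !Ref AccepterCidr
      VpcPeeringConnectionId: !Ref Peering

  AccepterToRequester:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref AccepterRouteTable
      DestinationCidrBlock: !Ref RequesterCidr
      VpcPeeringConnectionId: !Ref Peering

  # Step 5: open only the port the peered workload needs, only from the peer's CIDR.
  AllowRequesterToApp:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupId: !Ref AccepterAppSg
      IpProtocol: tcp
      FromPort: 443
      ToPort: 443
      CidrIp: !Ref RequesterCidr
```

Because peering is not transitive, a third VPC peered with either side gets no reachability from this template; it needs its own peering connection and its own routes.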

Use Cases for VPC Peering

VPC peering is a straightforward way to extend a VPC design when resources in different VPCs need to exchange data. It is also useful when you need a secure connection between two VPCs without routing traffic through an internet gateway.

Complex VPC Peering

As the number of peering connections grows across multiple VPCs, regions and AWS accounts, managing them becomes difficult. Once the mesh becomes unmanageable, it is time to consider migrating the existing peering connections to Transit Gateway and managing the connectivity there.
