How to Set Up VPC Peering Connections for Seamless Communication Between AWS VPCs

VPC Peering Connection

In a previous post, we created two VPCs, each containing one private and one public subnet. Each subnet hosts a single resource. The public subnets of both VPCs have Internet Gateway (IG) connectivity, while the private subnets are connected via NAT Gateways and configured using route tables. In this document, we will establish a VPC peering connection between these two VPCs to enable communication between their resources.

What is a VPC Peering Connection?

A VPC Peering Connection allows communication between two VPCs, enabling the resources in their subnets to interact with each other. This is especially useful for sharing resources across different VPCs.

Steps to Create a VPC Peering Connection

Step 1: Create a VPC Peering Connection

  1. Open the AWS Management Console.

  2. Navigate to VPC > Peering Connections > Create Peering Connection.

  3. Specify the following details:

    • Requester VPC: VPC 1

    • Accepter VPC: VPC 2

  4. Accept the VPC Peering Connection in VPC 2 to complete the setup.

Step 2: Modify Route Tables

To enable communication between the two VPCs, update their route tables:

Examples:

  1. Connecting from Public Subnet of VPC 1 to Public and Private Subnets of VPC 2

    • Add a route for VPC 2’s CIDR range, with the peering connection as the target, to the route table of the public subnet in VPC 1.

  2. Connecting from Private Subnet of VPC 1 to Public and Private Subnets of VPC 2

    • Add a route for VPC 2’s CIDR range, with the peering connection as the target, to the route table of the private subnet in VPC 1.

  3. Connecting from Public Subnet of VPC 2 to Public and Private Subnets of VPC 1

    • Add a route for VPC 1’s CIDR range, with the peering connection as the target, to the route table of the public subnet in VPC 2.

  4. Connecting from Private Subnet of VPC 2 to Public and Private Subnets of VPC 1

    • Add a route for VPC 1’s CIDR range, with the peering connection as the target, to the route table of the private subnet in VPC 2.
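The four route-table changes above follow one pattern: every subnet route table in each VPC gets a route whose destination is the other VPC's CIDR and whose target is the peering connection. The script below is an added example (not part of the original post) that plans those routes, refuses to proceed when the two CIDR ranges overlap (peering cannot be established between overlapping ranges), renders the plan as AWS CLI commands, and flags any route via the peering connection that is wider than the peer VPC's CIDR; the VPC CIDRs, route table IDs and the peering connection ID are constructed placeholders.

```python
import ipaddress

# Constructed placeholders; real IDs come from the console or the CLI.
PCX_ID = "pcx-0123456789abcdef0"
VPC1 = {"cidr": "10.0.0.0/16",
        "route_tables": ["rtb-vpc1-public", "rtb-vpc1-private"]}
VPC2 = {"cidr": "10.1.0.0/16",
        "route_tables": ["rtb-vpc2-public", "rtb-vpc2-private"]}


def assert_peerable(cidr_a: str, cidr_b: str) -> None:
    """Peering requires non-overlapping CIDR blocks; refuse to plan otherwise."""
    a, b = ipaddress.ip_network(cidr_a), ipaddress.ip_network(cidr_b)
    if a.overlaps(b):
        raise ValueError(f"CIDR blocks overlap: {cidr_a} and {cidr_b}")


def plan_routes(vpc1: dict, vpc2: dict) -> list:
    """One route per subnet route table: (route_table_id, peer_cidr).
    Both the public and the private route table of each VPC get a route
    to the other VPC's CIDR, which is exactly the four cases listed above."""
    assert_peerable(vpc1["cidr"], vpc2["cidr"])
    return ([(rtb, vpc2["cidr"]) for rtb in vpc1["route_tables"]]
            + [(rtb, vpc1["cidr"]) for rtb in vpc2["route_tables"]])


def to_cli(routes: list, pcx_id: str) -> list:
    """Render the plan as AWS CLI commands with the peering connection as target."""
    return [f"aws ec2 create-route --route-table-id {rtb} "
            f"--destination-cidr-block {cidr} --vpc-peering-connection-id {pcx_id}"
            for rtb, cidr in routes]


def overbroad_peer_routes(routes: list, peer_cidr: str) -> list:
    """Sanity check for routes that already point at the peering connection:
    a destination wider than the peer VPC's CIDR (e.g. 0.0.0.0/0) reaches
    nothing beyond the peer, because peering is not transitive, and signals
    a misconfiguration worth reviewing."""
    peer = ipaddress.ip_network(peer_cidr)
    return [(rtb, dst) for rtb, dst in routes
            if not ipaddress.ip_network(dst).subnet_of(peer)]


if __name__ == "__main__":
    for cmd in to_cli(plan_routes(VPC1, VPC2), PCX_ID):
        print(cmd)
```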

Additional Configuration for Testing Connectivity

ICMP Traffic:

If you wish to test connectivity using ping, ensure that the security groups of all involved resources allow inbound ICMP traffic, scoped to the peer VPC’s CIDR range rather than to 0.0.0.0/0. Without this, ping requests will fail.

HTTP Traffic:

To test connectivity using curl or a similar HTTP request, allow inbound traffic on port 80 (HTTP), again from the peer VPC’s CIDR range, in the security groups of the resources.

Summary

By following these steps, you can enable seamless communication between resources in the two VPCs. Ensure that the necessary routes and security group rules are configured correctly to allow the desired traffic.

With the VPC Peering Connection established and configurations in place, the resources in both VPCs can interact with each other as needed.