VPC peering creates a networking connection between two VPCs that lets you route traffic between them privately. Instances in peered VPCs can communicate with each other as if they were in the same network. AWS VPC peering is possible between VPCs in your own AWS account and also with a VPC in another AWS account.
VPC Peering in AWS
- Log in to your AWS account and go to VPC (shown in the image below), then find Peering Connections in the left sidebar (as shown in the left image below).
Click on Peering Connections, then click on the blue button “Create Peering Connection“.
After clicking this button, a new page will load that asks for the following details.
Peering connection name tag:
Name of the peering connection; it will help you recognize the peering connection later.
Select VPC Requester: this is a dropdown; just select the VPC from which you are making the peering request (VPC-A).
Provide information about the other VPC to peer with:
Select Account: if you want to connect with a VPC in another AWS account, you will need to provide that account's ID.
Select Region: the region in which the VPC exists; if the VPC is in another region, select it from the dropdown.
Select VPC Accepter:
Select the VPC to which you are making the connection (VPC-B).
Click on the Create Peering Connection button.
Once you click this button, you need to approve the VPC peering from the VPC requester.
Approve VPC Peering
Go to the requester AWS region, VPC-A, and then to Peering Connections. Here you will find a new VPC peering connection with the status "pending acceptance"; right-click on it and approve the VPC peering. After the VPC peering is complete, you need to update the route tables for the VPC peering connection.
Update Route tables for AWS VPC Peering
A successful VPC peering alone will not let you connect an instance in one VPC to another. To send traffic between peered VPCs, you must add a route to the route table that belongs to the instance's subnet. This newly added route points to the CIDR block of the peer VPC in the VPC peering connection.
For an easy route table update, please note the following details:
- Subnet of the EC2 instances for both requester and accepter.
- CIDR block for both accepter and requester.
How to add route table entry for VPC Peering
Log in to AWS and go to AWS VPC (as shown above in the post).
Let's assume your requester EC2 instance 'E1' is in VPC A and you want to peer it with another EC2 instance 'E2' in VPC B. For the peering you need to make the following route table entries.
For Region A
Go to AWS VPC in VPC A, then go to Subnets (see the options on the left side) and search for the subnet ID in which your EC2 instance 'E1' resides.
Once you have found the subnet, click on Route Table as shown below.
You will see something like this:
Route Table: rtb-4581ebxa | rt-private network
Just click on this; it will open in a new tab. Select the route table and then click on the Routes option.
Here you will see a blue Edit button; click on it and then click on the Add another route button. You will need to enter the following details:
Destination: here you need to provide the CIDR address of VPC B (important: it is a cross relation, each side routes to the other side's CIDR).
Target: once you click on Target it will start showing options; from the list choose the recently created VPC peering connection. If you gave the VPC peering connection a name, you will find that name here; otherwise you will find something like pcx-3432sdx34sx. If you have difficulty finding it, just open Peering Connections in a new tab and match the peering connection ID.
For Region B
For Region B you follow the same steps as shown for VPC A. The only differences are that you need to find the subnet of the EC2 instance E2 with which you are peering, and that you provide the CIDR address of VPC A in the route table before selecting the VPC peering connection.
VPC Peering Verification
Once you have completed both of these steps, VPC peering and the route table update, log in to your EC2 instance 'E1' in VPC A and try to connect to EC2 instance 'E2' in VPC B. If you can connect, VPC peering is working. If you can't, check the security group of instance 'E2': check whether traffic from VPC A is allowed, and if not, add an inbound rule that allows traffic from the CIDR block of VPC A. After adding these final settings, your instance 'E1' in VPC A should connect to instance 'E2' in VPC B. Now cheers! You have successfully completed VPC peering.
In case you face any issue with this tutorial, please let us know by filling in the comment form given below or drop an email at nixgyd[at]gmail.com. We will reply back swiftly. Thanks for reading.
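The whole procedure above, as an added offline example that is not part of the original post: a small Python planner that checks the two VPC CIDRs do not overlap (AWS will not activate a peering between overlapping blocks), emits the "cross" route entry for each side, and checks the accepter instance's security group the way the verification step describes, flagging a rule that admits more than the peer VPC. All VPC, route table, peering and rule values are constructed sample data.

```python
import ipaddress

# Constructed sample values, not from any real account: VPC-A is the
# requester, VPC-B the accepter, and pcx-... stands in for the peering
# connection ID the console shows.
VPC_A = {"vpc": "vpc-aaaa1111", "cidr": "10.10.0.0/16", "rtb": "rtb-a1"}
VPC_B = {"vpc": "vpc-bbbb2222", "cidr": "10.20.0.0/16", "rtb": "rtb-b1"}
PCX_ID = "pcx-0000example"

def cidrs_overlap(cidr1, cidr2):
    """True if the two blocks share any address; AWS will not activate a
    peering between overlapping VPC CIDRs."""
    return ipaddress.ip_network(cidr1).overlaps(ipaddress.ip_network(cidr2))

def plan_peering_routes(requester, accepter, pcx_id):
    """Return the two 'cross' routes the peering needs: each VPC's route
    table gets the *other* VPC's CIDR as destination and the peering
    connection as target."""
    if cidrs_overlap(requester["cidr"], accepter["cidr"]):
        raise ValueError("VPC CIDR blocks overlap; peering cannot be used")
    return [
        {"rtb": requester["rtb"], "destination": accepter["cidr"], "target": pcx_id},
        {"rtb": accepter["rtb"], "destination": requester["cidr"], "target": pcx_id},
    ]

def check_inbound(sg_rules, peer_cidr, port):
    """Check whether inbound security-group rules on the target instance
    admit the peer VPC on one TCP port. Returns (allowed, warnings); a
    warning names any matching rule wider than the peer CIDR (such as
    0.0.0.0/0), which admits far more than the peered VPC."""
    peer = ipaddress.ip_network(peer_cidr)
    allowed, warnings = False, []
    for rule in sg_rules:
        if rule["proto"] != "tcp" or not rule["from"] <= port <= rule["to"]:
            continue
        src = ipaddress.ip_network(rule["source"])
        if peer.subnet_of(src):
            allowed = True
            if src.prefixlen < peer.prefixlen:
                warnings.append(f"rule {rule['source']} is wider than {peer}")
    return allowed, warnings

if __name__ == "__main__":
    for route in plan_peering_routes(VPC_A, VPC_B, PCX_ID):
        print(route)
    rules = [{"proto": "tcp", "from": 22, "to": 22, "source": VPC_A["cidr"]}]
    print(check_inbound(rules, VPC_A["cidr"], 22))
```

The inbound check is deliberately per port: an allow rule scoped to the peer CIDR and the single port E1 actually needs is what the security group of E2 should end up with.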