What actually is VPC peering?
A virtual private cloud (VPC) is a virtual network dedicated to your AWS account. It is logically isolated from other virtual networks in the AWS Cloud. You can launch AWS resources, such as Amazon EC2 instances, into your VPC.
A VPC peering connection is a networking connection between two VPCs that lets you route traffic between them using private IPv4 or IPv6 addresses, so instances in either VPC can communicate as if they were in the same network. You can peer two of your own VPCs, or your VPC with a VPC in another AWS account, and the VPCs can be in different Regions (an inter-Region VPC peering connection). Two constraints matter for the lab below: the CIDR blocks of the two VPCs must not overlap, and each VPC's route table needs an explicit route for the other VPC's CIDR that targets the peering connection. Peering is also not transitive: peering vpc1 with vpc2 and vpc2 with vpc3 gives vpc1 no path to vpc3.
Pricing for a VPC peering connection
There is no charge to create a VPC peering connection. Data transfer over a VPC peering connection within the same Availability Zone (AZ) is free; charges apply for data transfer over peering connections that cross Availability Zones or Regions.
LAB: How to create VPC peering?
Note: In this lab we create two VPCs with one EC2 instance in each, peer the VPCs, and then reach the private IP of the instance in the second VPC from the instance in the first.
Step 1: Create the first VPC
Go to Your VPCs and create vpc1:
- Resources to create: VPC only
- Name tag (optional): vpc1
- IPv4 CIDR: 10.0.0.0/16
Leave everything else at the defaults and click Create VPC.
Go to Subnets and create a subnet for vpc1:
- VPC ID: vpc1
- Subnet name (under Subnet settings): vpc1subnet
- Availability Zone: any, e.g. us-east-1a
- IPv4 CIDR block: 10.0.0.0/24
Click Create subnet.
Go to Internet gateways and create an internet gateway:
- Name tag: IGvpc1
Click Create internet gateway, then click Attach to VPC in the banner that appears:
- Available VPCs: vpc1
Click Attach internet gateway.
Go to Route tables and create a route table for vpc1:
- Name: route_vpc1
- VPC: vpc1
Click Create route table.
Step 2: Similarly, create the second VPC
Go to Your VPCs and create vpc2:
- Resources to create: VPC only
- Name tag (optional): vpc2
- IPv4 CIDR: 194.0.0.0/16 (it must not overlap with vpc1's 10.0.0.0/16; note that 194.0.0.0/16 is publicly routable address space, so outside a throwaway lab prefer an RFC 1918 range such as 172.16.0.0/16)
Leave everything else at the defaults and click Create VPC.
Go to Subnets and create a subnet for vpc2:
- VPC ID: vpc2
- Subnet name (under Subnet settings): vpc2subnet
- Availability Zone: any, e.g. us-east-1b
- IPv4 CIDR block: 194.0.0.0/24
Click Create subnet.
Go to Internet gateways and create an internet gateway:
- Name tag: IGvpc2
Click Create internet gateway, then click Attach to VPC in the banner that appears:
- Available VPCs: vpc2
Click Attach internet gateway.
Go to Route tables and create a route table for vpc2:
- Name: route_vpc2
- VPC: vpc2
Click Create route table.
Step 3: Create the peering connection
Go to Peering connections (scroll down in the left-hand navigation) and click Create peering connection:
- Name: peerVPC
- VPC ID (Requester): vpc1
- VPC ID (Accepter): vpc2
Click Create peering connection. The request then has to be accepted: select peerVPC -> Actions -> Accept request. Both VPCs are in the same account here, so you accept your own request; for a cross-account peering the owner of the accepter VPC does this. The status should change to Active.
Step 4: Modify the route tables
Go to Route tables and select route_vpc1.
Click Subnet associations -> Edit subnet associations, select vpc1subnet under Available subnets and click Save associations.
Click Routes -> Edit routes -> Add route and add:
- Destination: 0.0.0.0/0, Target: Internet Gateway -> IGvpc1
- Destination: 194.0.0.0/16, Target: Peering Connection -> peerVPC
Click Save changes.
Similarly, select route_vpc2.
Click Subnet associations -> Edit subnet associations, select vpc2subnet under Available subnets and click Save associations.
Click Routes -> Edit routes -> Add route and add:
- Destination: 0.0.0.0/0, Target: Internet Gateway -> IGvpc2
- Destination: 10.0.0.0/16, Target: Peering Connection -> peerVPC
Click Save changes.
The peering route is needed in both tables: the one in route_vpc1 carries the ping to server2, and the one in route_vpc2 carries the reply back.
Step 5: The VPC work is done. Now go to EC2 -> Instances and launch the two instances.
For the first instance, click Launch instances:
- Name: server1
- Key pair: select an existing key or create a new one
- Network settings -> Edit: VPC vpc1, Subnet vpc1subnet, Auto-assign public IP: Enable
- Leave Create security group checked. The group the wizard creates allows SSH (port 22) from anywhere, which is what lets the console's Connect button reach server1; outside a lab, restrict it.
Leave everything else at the defaults and click Launch instance.
For the second instance, click Launch instances:
- Name: server2
- Key pair: select an existing key or create a new one
- Network settings -> Edit: VPC vpc2, Subnet vpc2subnet, Auto-assign public IP: Disable
- Leave Create security group checked, click Add security group rule and set Type: All traffic, Source type: Anywhere
[ Note: All traffic from Anywhere is not good practice and is used here only for basic understanding. The rule the ping actually needs is Type: All ICMP - IPv4 with Source: Custom 10.0.0.0/16 (the vpc1 CIDR); security groups are stateful, so the echo reply needs no extra rule. Because server2 has no public IP the wide rule is only reachable from inside the peered VPCs, but get into the habit of scoping rules to the source that needs them. ]
Leave everything else at the defaults and click Launch instance.
Step 6: Connect to the EC2 instance and test the peering
Wait until the Status check column shows 2/2 checks passed for both instances.
Select server2 (the instance with only a private IP) and copy its private IPv4 address.
Then select server1 (the instance with a public IP), click Connect at the top of the page, and click Connect again in the EC2 Instance Connect tab.
In the shell that opens, run:
ping <private-ip-you-copied>
(sudo su, as in the original instructions, is not needed; ping works as the default user.)
Replies from the 194.0.0.x address show that traffic from vpc1 is being routed over the peering connection into vpc2. Press CTRL+C to stop the ping.
If you get no replies, check, in this order: the peering connection peerVPC shows status Active; route_vpc1 has 194.0.0.0/16 -> peerVPC and is associated with vpc1subnet; route_vpc2 has 10.0.0.0/16 -> peerVPC and is associated with vpc2subnet (the reply needs its own route back); and server2's security group allows ICMP from 10.0.0.0/16.
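The same lab as code, added here as an example and not part of the original post. It uses boto3 to perform Steps 1 to 5 (the names vpc1, vpc2, vpc1subnet, IGvpc1, route_vpc1, peerVPC are the lab's own; the region us-east-1 and the security-group name server2-sg are assumptions). Before it creates anything it checks what the console would only reject half-way through: that the two CIDRs do not overlap and that each subnet lies inside its VPC. It also warns about the publicly routable 194.0.0.0/16 block, and it gives server2 the scoped ICMP-from-vpc1 rule instead of All traffic from Anywhere.

```python
"""Reproduce the VPC peering lab (Steps 1-5) with boto3. Added example, not
part of the original lab. Resource names (vpc1, vpc1subnet, IGvpc1,
route_vpc1, peerVPC ...) are the lab's own; the region and the group name
"server2-sg" are assumptions. plan_routes() and icmp_echo_from_peer() run
without AWS access; build_lab() needs boto3 and credentials and creates resources."""
import ipaddress
import sys
from dataclasses import dataclass


@dataclass
class VpcSpec:
    name: str         # Name tag, e.g. "vpc1"; IGW and route table names derive from it
    cidr: str         # VPC IPv4 CIDR, e.g. "10.0.0.0/16"
    subnet_cidr: str  # the single subnet created in Step 1/2
    az: str           # Availability Zone of that subnet


def validate_pair(a, b):
    """AWS refuses a peering request when the two VPC CIDRs overlap, and a
    subnet must sit inside its VPC's CIDR. Check both before creating
    anything; return warnings for publicly routable (non-RFC-1918) ranges."""
    na, nb = ipaddress.ip_network(a.cidr), ipaddress.ip_network(b.cidr)
    if na.overlaps(nb):
        raise ValueError(f"{a.cidr} and {b.cidr} overlap: they cannot be peered")
    warnings = []
    for spec, net in ((a, na), (b, nb)):
        if not ipaddress.ip_network(spec.subnet_cidr).subnet_of(net):
            raise ValueError(f"{spec.subnet_cidr} is not inside {spec.name} {spec.cidr}")
        if not net.is_private:  # e.g. 194.0.0.0/16 in this lab
            warnings.append(f"{spec.name} uses public address space {spec.cidr}")
    return warnings


def plan_routes(a, b):
    """Step 4: each route table gets a default route to its IGW and a route for
    the peer's whole CIDR via the peering connection. Both directions are
    needed: the reply to a ping has to find its own route back."""
    validate_pair(a, b)
    return {a.name: [("0.0.0.0/0", "igw"), (b.cidr, "pcx")],
            b.name: [("0.0.0.0/0", "igw"), (a.cidr, "pcx")]}


def icmp_echo_from_peer(peer_cidr):
    """Least-privilege replacement for the lab's 'All traffic / Anywhere' rule:
    ICMP echo request (type 8, any code) from the peer VPC only. For ICMP the
    EC2 API uses FromPort=type and ToPort=code, -1 meaning all codes."""
    return [{"IpProtocol": "icmp", "FromPort": 8, "ToPort": -1,
             "IpRanges": [{"CidrIp": peer_cidr, "Description": "ping from peer VPC"}]}]


def build_lab(a, b, region="us-east-1"):
    """Steps 1-4 plus the server2 security group. Returns the created IDs."""
    import boto3  # imported here so the pure helpers above work without it
    ec2 = boto3.client("ec2", region_name=region)

    def tag(resource_id, name):
        ec2.create_tags(Resources=[resource_id], Tags=[{"Key": "Name", "Value": name}])

    ids = {}
    for spec in (a, b):  # Steps 1 and 2
        vpc = ec2.create_vpc(CidrBlock=spec.cidr)["Vpc"]["VpcId"]
        tag(vpc, spec.name)
        subnet = ec2.create_subnet(VpcId=vpc, CidrBlock=spec.subnet_cidr,
                                   AvailabilityZone=spec.az)["Subnet"]["SubnetId"]
        tag(subnet, spec.name + "subnet")
        igw = ec2.create_internet_gateway()["InternetGateway"]["InternetGatewayId"]
        tag(igw, "IG" + spec.name)
        ec2.attach_internet_gateway(InternetGatewayId=igw, VpcId=vpc)
        rtb = ec2.create_route_table(VpcId=vpc)["RouteTable"]["RouteTableId"]
        tag(rtb, "route_" + spec.name)
        ec2.associate_route_table(RouteTableId=rtb, SubnetId=subnet)
        ids[spec.name] = {"vpc": vpc, "subnet": subnet, "igw": igw, "rtb": rtb}

    # Step 3: vpc1 requests, vpc2 accepts (same account, so we accept it ourselves)
    pcx = ec2.create_vpc_peering_connection(
        VpcId=ids[a.name]["vpc"], PeerVpcId=ids[b.name]["vpc"]
    )["VpcPeeringConnection"]["VpcPeeringConnectionId"]
    tag(pcx, "peerVPC")
    ec2.get_waiter("vpc_peering_connection_exists").wait(VpcPeeringConnectionIds=[pcx])
    ec2.accept_vpc_peering_connection(VpcPeeringConnectionId=pcx)

    for spec in (a, b):  # Step 4
        r = ids[spec.name]
        for dest, kind in plan_routes(a, b)[spec.name]:
            target = {"GatewayId": r["igw"]} if kind == "igw" else {"VpcPeeringConnectionId": pcx}
            ec2.create_route(RouteTableId=r["rtb"], DestinationCidrBlock=dest, **target)

    # server2's security group (Step 5): ping from vpc1 only, not All traffic from Anywhere
    sg = ec2.create_security_group(GroupName="server2-sg", Description="ICMP from peer VPC",
                                   VpcId=ids[b.name]["vpc"])["GroupId"]
    ec2.authorize_security_group_ingress(GroupId=sg, IpPermissions=icmp_echo_from_peer(a.cidr))
    ids.update(pcx=pcx, server2_sg=sg)
    return ids


VPC1 = VpcSpec("vpc1", "10.0.0.0/16", "10.0.0.0/24", "us-east-1a")
VPC2 = VpcSpec("vpc2", "194.0.0.0/16", "194.0.0.0/24", "us-east-1b")

if __name__ == "__main__":
    for w in validate_pair(VPC1, VPC2):
        print("warning:", w)
    print(plan_routes(VPC1, VPC2))
    if "--apply" in sys.argv:  # only then touch AWS
        print(build_lab(VPC1, VPC2))
```

Run it without arguments to see the route plan and the address-space warning; run it with --apply (with credentials and boto3 installed) to create the VPCs, subnets, gateways, peering and routes, after which you launch server1 and server2 as in Step 5 and attach server2 to the server2-sg group. The plan functions are kept separate from the AWS calls on purpose: they are the part worth unit-testing, and they fail before any resource exists rather than after half of them do.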