Two VPCs Peered Together
You have a VPC peering connection (pcx-11112222) between VPC A and VPC B, which are in the same AWS account, and do not have overlapping CIDR blocks.
You may want to use this kind of configuration when you have two VPCs that require access to each other's resources. For example, you set up VPC A for your accounting records, and VPC B for your financial records, and now you want each VPC to be able to access the other's resources without restriction.
The route tables for each VPC point to the relevant VPC peering connection to access the entire CIDR block of the peer VPC.
Route Table | Destination | Target |
---|---|---|
VPC A | 172.16.0.0/16 | Local |
VPC A | 10.0.0.0/16 | pcx-11112222 |
VPC B | 10.0.0.0/16 | Local |
VPC B | 172.16.0.0/16 | pcx-11112222 |
One VPC Peered with Two VPCs
You have a central VPC (VPC A), and you have a VPC peering connection between VPC A and VPC B (pcx-12121212), and between VPC A and VPC C (pcx-23232323). The VPCs are in the same AWS account, and do not have overlapping CIDR blocks.
You may want to use this ‘flying V’ configuration when you have resources on a central VPC, such as a repository of services, that other VPCs need to access. The other VPCs do not need access to each other's resources; they only need access to resources on the central VPC.
VPC B and VPC C cannot send traffic directly to each other through VPC A. VPC peering does not support transitive peering relationships, nor edge to edge routing. You must create a VPC peering connection between VPC B and VPC C in order to route traffic directly between them. For more information,
The route tables for each VPC point to the relevant VPC peering connection to access the entire CIDR block of the peer VPC.
Route Table | Destination | Target |
---|---|---|
VPC A | 172.16.0.0/16 | Local |
VPC A | 10.0.0.0/16 | pcx-12121212 |
VPC A | 192.168.0.0/16 | pcx-23232323 |
VPC B | 10.0.0.0/16 | Local |
VPC B | 172.16.0.0/16 | pcx-12121212 |
VPC C | 192.168.0.0/16 | Local |
VPC C | 172.16.0.0/16 | pcx-23232323 |
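The following Python sketch is an added example, not part of the original documentation. It models the three route tables above, reports which VPC pairs can exchange traffic in both directions, and flags any route that points at a peering connection whose far-end VPC does not own the destination (an attempt at transitive routing). The function names and data layout are assumptions made for illustration.

```python
import ipaddress
from itertools import permutations

# Constructed model of the "One VPC Peered with Two VPCs" tables on this page.
VPC_CIDR = {"A": "172.16.0.0/16", "B": "10.0.0.0/16", "C": "192.168.0.0/16"}
PEERINGS = {"pcx-12121212": ("A", "B"), "pcx-23232323": ("A", "C")}
ROUTES = {
    "A": {"172.16.0.0/16": "local", "10.0.0.0/16": "pcx-12121212",
          "192.168.0.0/16": "pcx-23232323"},
    "B": {"10.0.0.0/16": "local", "172.16.0.0/16": "pcx-12121212"},
    "C": {"192.168.0.0/16": "local", "172.16.0.0/16": "pcx-23232323"},
}

def net(cidr):
    return ipaddress.ip_network(cidr)

def delivers(src, dst, routes=ROUTES):
    """True if src's table sends dst's CIDR to a peering connection whose
    far end is dst itself (a peer VPC never forwards traffic onward)."""
    covering = [(net(c), t) for c, t in routes[src].items()
                if net(VPC_CIDR[dst]).subnet_of(net(c))]
    if not covering:
        return False
    # Longest-prefix match decides which target is used.
    target = max(covering, key=lambda r: r[0].prefixlen)[1]
    return target in PEERINGS and set(PEERINGS[target]) == {src, dst}

def reachable_pairs(routes=ROUTES):
    """VPC pairs with a route in both directions (replies need one too)."""
    return {tuple(sorted(p)) for p in permutations(VPC_CIDR, 2)
            if delivers(*p, routes) and delivers(p[1], p[0], routes)}

def transit_routes(routes=ROUTES):
    """Routes whose peering target cannot own the destination CIDR, i.e.
    a spoke trying to reach another spoke through the central VPC."""
    findings = []
    for vpc, table in routes.items():
        for cidr, target in table.items():
            if target not in PEERINGS:
                continue
            peers = set(PEERINGS[target]) - {vpc}
            # Exactly one far-end VPC is expected, and it must contain cidr.
            if len(peers) != 1 or not net(cidr).subnet_of(net(VPC_CIDR[peers.pop()])):
                findings.append((vpc, cidr, target))
    return findings

if __name__ == "__main__":
    print("bidirectional pairs:", sorted(reachable_pairs()))
    print("transit-style routes:", transit_routes())
```

Run against an export of real route tables, an empty findings list plus the expected pair set confirms that the spokes remain isolated from each other.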
Three VPCs Peered Together
You have peered three VPCs together in a full mesh configuration. The VPCs are in the same AWS account and do not have overlapping CIDR blocks:
- VPC A is peered to VPC B through VPC peering connection pcx-aaaabbbb
- VPC A is peered to VPC C through VPC peering connection pcx-aaaacccc
- VPC B is peered to VPC C through VPC peering connection pcx-bbbbcccc
You may want to use this full mesh configuration when you have separate VPCs that need to share resources with each other without restriction; for example, as a file sharing system.
The route tables for each VPC point to the relevant VPC peering connection to access the entire CIDR block of the peer VPCs.
Route Table | Destination | Target |
---|---|---|
VPC A | 172.16.0.0/16 | Local |
VPC A | 10.0.0.0/16 | pcx-aaaabbbb |
VPC A | 192.168.0.0/16 | pcx-aaaacccc |
VPC B | 10.0.0.0/16 | Local |
VPC B | 172.16.0.0/16 | pcx-aaaabbbb |
VPC B | 192.168.0.0/16 | pcx-bbbbcccc |
VPC C | 192.168.0.0/16 | Local |
VPC C | 172.16.0.0/16 | pcx-aaaacccc |
VPC C | 10.0.0.0/16 | pcx-bbbbcccc |
One VPC Peered with Multiple VPCs
You have a central VPC (VPC A) that’s peered to the following VPCs:
- VPC B through pcx-aaaabbbb
- VPC C through pcx-aaaacccc
- VPC D through pcx-aaaadddd
- VPC E through pcx-aaaaeeee
- VPC F through pcx-aaaaffff
- VPC G through pcx-aaaagggg
VPC A is peered with all other VPCs, but the other VPCs are not peered to each other. The VPCs are in the same AWS account and do not have overlapping CIDR blocks.
None of the other VPCs can send traffic directly to each other through VPC A. VPC peering does not support transitive peering relationships, nor edge to edge routing. You must create a VPC peering connection between the other VPCs in order to route traffic between them.