Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

How can I access resources in a peered VPC over site to site VPN?

0

Hi, I have a peering connection setup between VPC A and VPC B. And I've also setup a site to site VPN connection to VPC A. How can I access the resources in VPC B through the site to site VPN connection?

Argomenti
Networking e distribuzione di contenuti
Tag
Amazon VPCNetworking e distribuzione di contenutiRete privata virtuale AWS (VPN)
Lingua
English
blacktulip11
posta 2 anni fa3363 visualizzazioni
1 Risposta
3
Risposta accettata

The short answer is you can't because VPC peering doesn't support transitive routing. The rule for transitive routing is that the traffic must either originate or terminate on a network interface in the VPC. This is why VPC Peering isn't transitive - no network interface is involved, so no route table. Also this is why Transit Gateway is transitive as its attachment points in a VPC use network interfaces.

The usual approach is for your site-to-site VPN to have VIFs to each VPC, or better still, to use Transit Gateway.

Another workaround is using a proxy instance to put a network interface into that VPC you want to transit through. See for example the standard "Transit VPC" Strategy that was more commonly used before Transit Gateway came along.

ESPERTO
skinsman
con risposta 2 anni fa
profile picture
ESPERTO
Sedat Salman
verificato 10 mesi fa
profile pictureAWS
ESPERTO
Brettski-AWS
verificato 2 anni fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente