Overlapping IP issue between VPC and VPN
Above architecture diagram has 3 VPCs & 2 site-to-site VPN connections VPC-A, VPC-B, VPC-C (contains shared services)
VPN-A is connected to VPC-A only using transit gateway.
VPN-B is connected to VPC-B only using transit gateway.
There is also two-way connectivity between VPC-A, VPC-C and also between VPC-B, VPC-C.
Problem is IP overlap between VPN Gateway A and VPC-C. Both are using CIDR 10.4.0.0/16.
So, how can VPC A diffentiate between VPN Gateway A and VPC-C and have two-way connectivity with both VPN Gateway A and VPC-C?
What should I do resolve IP overlap issue without changing CIDR?
Most of the articles I see are talking about using NAT or private link to solve IP overlapping, but those solutions only work if it's only one way connectivity.
- 新しい順
- 投票が多い順
- コメントが多い順
Renumbering IP is the only option since you need full network reachability between the VPCs.
+1 to this answer - in the long run, renumbering is the least expensive and least complex path (although it may not seem like it): https://aws.amazon.com/blogs/networking-and-content-delivery/connecting-networks-with-overlapping-ip-ranges/