By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

How do I get clients to access the source server from the other side of peering? If I want to establish a peering connection in an ipv6 environment with a friend who is not using AWS, what can I do.

0

Right now I've got an ipv6 address block from California in the US through a sit tunnel, and I want to use it to build my service. But since the client is located in China, the client's access needs to go around a long route to reach it. So I want to build a server in China and use tunneling protocol to get the address that EC2 got through sit tunnel and use peering to shorten the line, I don't know if it is feasible? China due to the policy and operator's strategy, resulting in the acquired address can not provide the service properly, or even directly can not provide the service. This makes me have to think about other methods because of it, but I don't have ASN if I say get BGP.

Topics
ComputeNetworking & Content DeliveryMigration & ModernizationAWS Well-Architected Framework
Tags
Linux ProvisioningNetworking & Content DeliveryAWS Transfer FamilyPerformance EfficiencyIPv6
Language
English
rePost-User-1933391
asked a year ago422 views
1 Answer
4
Accepted Answer

AWS DirectConect can be a good option for this one So before start please read

https://aws.amazon.com/about-aws/whats-new/2019/11/aws-direct-connect-enables-direct-connect-gateway-for-aws-china-regions/ and

https://docs.aws.amazon.com/directconnect/latest/UserGuide/Welcome.html

If you want to create a peering connection between your AWS VPC and a friend's network, you can use the AWS Direct Connect service to create a private, dedicated network connection between your AWS VPC and your friend's network. This allows you to bypass the public internet by routing traffic directly between your AWS VPC and your friend's network.

You'll need to work with an AWS Direct Connect partner or a colocation provider that offers Direct Connect access to set up a Direct Connect connection. Once the connection is established, you can establish a VPC peering connection between your VPC and your friend's network. This will allow you to use private IP addresses to route traffic between your VPC and your friend's network.

profile picture
EXPERT
Sedat Salman
answered a year ago
  • rePost-User-1933391
    a year ago

    Thanks for your answer, but it doesn't seem to solve my problem. For a friend, I can set up a GRE tunnel and it costs nothing extra, but I'm not sure how to get clients outside the tunnel to also connect to the source server through an existing connection.

  • Sedat Salman EXPERT
    a year ago

    Set up a proxy server in China that forwards traffic to your source server through the GRE tunnel. Clients outside the tunnel can connect to the proxy server, which will forward their requests through the GRE tunnel to the source server. This solution allows you to manage client access to the source server without requiring the clients to set up VPN connections.

    To set up a proxy server, you can use open-source solutions like Nginx, HAProxy, or Squid.

  • rePost-User-1933391
    a year ago

    If I want to let the client just make traffic through the existing connect into the GRE tunnel, connect to the source server and get all the services provided by the source server (Web, GRE Tunnel, Minecraft and others). Will it be able to do this? Looking forward to your answer.

    If a client connects to the source server using the ipv6 address on the source server, how do I get the proxy server to proxy traffic for it?

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content