Questions tagged [vpc-peering]
A VPC peering connection is a networking connection between two VPCs that enables you to route traffic between them using private IPv4 addresses or IPv6 addresses.
87
questions
9
votes
5
answers
6k
views
Cannot connect to Cloud SQL Postgres from GKE via Private IP
I am having trouble accessing a Cloud SQL instance running Postgres from a GKE cluster using the database's private IP. All the documentation I've found suggests using a VPC-enabled cluster to ...
7
votes
1
answer
4k
views
How to configure cross region VPC peering on AWS with Terraform
I'm trying to create a terraform configuration to spin up multiple VPCs in different regions and create VPC peer connections between them.
This is my module for the VPC
# Required Variables
...
5
votes
1
answer
4k
views
Issue Connecting to Cloud SQL Postgres using Private IP from GKE
Steps I have followed:
1. Create VPC network
gcloud compute networks create stg-vpc \
--subnet-mode custom
2. Create IP range for VPC Peering for this network
gcloud beta compute addresses ...
4
votes
1
answer
4k
views
How to connect instances in different AWS accounts by private IP?
Say I have accounts A and B and Lightsail instances a and b in each account. a and b are in the same region and zone. Is it possible for a and b to interconnect with private IP? For example, after I ...
4
votes
1
answer
6k
views
Cannot ping between EC2 instances in peered VPCs
I am trying to setup a barebones VPC connection within the same AWS account.
VPC-A and Subnet-A have CIDR: 10.200.1.0/24
VPC-B and Subnet-B have CIDR: 10.200.2.0/24
Each VPC contains one EC2 ...
3
votes
1
answer
7k
views
Using AWS NAT Gateway from different VPC across VPC peering
I would like to use Nat Gateway (not Nat Instance on EC2!) from another VPC to route my traffic from peered VPCs to the Internet. My infrastructure looks like this:
/---------------------VPC-LIVECHAT-...
3
votes
1
answer
3k
views
Forwarding traffic from AWS ELB to another ELB
I have 2 VPCs (X and Y). We have a vpc peering connection between the two. In VPC X, we have a CNAME that needs to resolve to an ELB in VPC Y. Is there any way to make an ELB in VPC X forward traffic ...
3
votes
1
answer
518
views
Terraform: using exportCustomRoutes when setting peering connection
I am trying to set-up a peering connection between 2 VPC networks.
One network (the transit one) configures static routes, and I would like to have those propagated to the peered network.
Here's an ...
3
votes
1
answer
2k
views
Can't create a "Serverless VPC Access" on Google Cloud
I am trying to create a "Serverless VPC Access" on Google Cloud. I have already done it before on another account to join Redis with CloudRun.
This is an example of the configuration that I ...
3
votes
1
answer
2k
views
How do I resolve a private DNS address from within an AWS Fargate task
I'm trying to setup a connection to a MongoDB Atlas database from an AWS Fargate container. The VPC peering is setup and works and I can successfully connect to the MongoDB Atlas cluster from a ...
2
votes
1
answer
3k
views
Connecting multiple VPCs with the same CIDR block to a shared VPC
In my company's AWS cloud we have 4 VPCs, one for each of our major API environments (dev, test, stage, prod). In order to make these environments as similar as possible to each other they all have ...
2
votes
1
answer
2k
views
SSH connection between two server after VPC Peering
I am trying to configure SSH connection between two server on two different VPC on my same account.
VPC1:
vpc-ba8ce8d2
172.31.0.0/16
rtb-576e373f
acl-0dbefa65
VPC2:
vpc-0c5fc020e4f30283d
10.0.0.0/...
2
votes
1
answer
2k
views
AWS Client VPN Access to a Peered VPC
In my AWS infrastructure there are a few VPCs.
3 days ago I created Client VPN in VPC1, and successfully configured access to VPC2 according to the instruction: https://docs.aws.amazon.com/vpn/latest/...
2
votes
1
answer
7k
views
Why does an S3 to S3 copy care about VPCs? Related to error: "VPC endpoints do not support cross-region requests."
Goal: Get files
from Bucket 1 in ca-central-1 in Account A
to Bucket 2 in us-east-1 in Account B
using the AWS CLI from a third machine using an IAM role with correct S3 read and write ...
2
votes
2
answers
966
views
Route traffic between a VPC in one region to a VPC in another region
In order to allow instances in a VPC in Oregon (us-west-2) to contact instances on another VPC in Ireland (eu-west-1), I've installed OpenSwan gateway machines on both regions and established an IPSEC ...
2
votes
1
answer
2k
views
Connecting to VPC internal services from Google Cloud Shell
Is it possible to access services (like CloudSQL or some custom applications) that are running on internal IPs only (VPC) from cloud shell?
The idea behind it, I want to keep Cloud SQL on private IPs ...
2
votes
1
answer
671
views
Shared VPC and VPC Peering mix
On Google Cloud, I have set up three new projects - dev, research and prod. So, then created a Shared VPC Host and three Service Projects as listed above. Also intend to have separate VPCs for each of ...
2
votes
1
answer
326
views
Google Cloud App Engine with network peering
I'm trying to connect App Engine application to MongoDB Cloud over a peering connection.
All services in my GCP are using non-default network called "main". I've setup peering connection ...
1
vote
2
answers
877
views
Restricting traffic between AWS VPCs
I have two VPCs: A and B.
I want any node in A to be able to open a TCP connection to any node in B, but not the other way around. Any node in B must also be able to open outgoing connections to ...
1
vote
2
answers
3k
views
AWS Active Directory: Cannot access from another VPC
I've setup an Active Directory service in AWS in 2 private subnets in a VPC.
I have another VPC in the same account that I want to be able to access the AD from. However for some reason it just isn't ...
1
vote
1
answer
698
views
GCP VPC Peering active, connectivity tests ok, but any request (ssh, icmp...) times out
I have 2 GCP projects with 2 different VPCs:
VPC1 has the default subnet
VPC2 has a default subnet and a custom subnet
I then have 2 instances, one in each project:
instance1 has one network interface ...
1
vote
1
answer
91
views
Central VPN in a multi-vpc architecture
I am designing a network flow for the following scenario -
VPC 1 - hosting servers and apps in a private subnet
VPC 2 - hosting servers and apps in a private subnet
Management VPC (#3) - Hosting VPN ...
1
vote
1
answer
4k
views
Solving the mystery - VPCs have overlapping IPv4 CIDR blocks
In AWS, When I try to create a peering connection I get this following error
Failed due to incorrect VPC-ID, Account ID, or overlapping CIDR range
I am not savvy with the networking and wonder how I ...
1
vote
1
answer
4k
views
AWS VPC Peering security concern
I got started with AWS recently. I came across a use case which I believe is pretty common but I was curious to understand how it will be implemented on AWS. We are collaborating with another ...
1
vote
2
answers
63
views
I have created one vpc with three different subnets and I am facing issue while doing ssh from instances. getting check public key error
I have created one vpc with three different subnets and I am facing issue while doing ssh from instances. getting check public key error but succeed before.
tarun@eu-vm:~$ ssh 192.168.0.3
Linux web-...
1
vote
2
answers
170
views
Cannot connect to Google Cloud Services on GCE instance using an external static IP Address
I'm trying to connect to services hosted on Google Cloud, e.g. gcr.io (which is very important to me as my Docker images are hosted over there) via a GCE instance. Using an external static IP address ...
1
vote
1
answer
485
views
google route peering as nexthop
Using the Google Cloud web interface to add a custom route with a peering as next hop, but in this interface and in gcloud too, we can select only as next hop:
--next-hop-address=NEXT_HOP_ADDRESS
--...
1
vote
1
answer
8k
views
Not able to access RDS instance inside EKS cluster | EKS <-> RDS connection
I'm trying to access my existing RDS instance in the newly created EKS cluster.
steps I have followed:
Create a VPC peering connection by keeping RDS as requester and EKS as accepter.
Add destination ...
1
vote
1
answer
3k
views
Google Cloud VPC network peering - DNS not shared?
I've got two VPC Networks:
A
B
They are linked with each other through VPC network peering. Machines from network A can reach machines from network B just fine via IP.
However, they are not capable ...
1
vote
1
answer
749
views
AWS VPC Peered - RDS accessing Active Directory Service
I have two AWS accounts and I could establish a peering of two VPCs belonging to each account. Also, I was able to launch an EC2 instance in one account joining to the AD domain on the other account. The ...
1
vote
1
answer
1k
views
VPC peering: Accessing a resource in public subnet from a public subnet through peering connection issues
I have set vpc peering between these VPCs (vpc-1 and vpc-2).
I have my RDS in vpc-1 in these subnets (10.13.1.0, 10.13.2.0, 10.13.3.0) with this route rtb-vpc1-rds.
In the second VPC and two subnets : ...
1
vote
1
answer
293
views
AWS VPN - Fault Tolerant Cross-Region and VPC CIDR block
I have some complicated question:
I have connected multiple VPCs with EC2 Instances (IPSec) for routing traffic between VPC's across regions, I have VPN connection to each aws region, and everything ...
1
vote
1
answer
59
views
In GCP, how to connect to CloudSQL from another project?
I have three projects in Google Cloud Platform (GCP) under one organization: Project A, Project B, and Project C (central). Project C is using a GCP Cloud SQL component (MySQL), which is connected via ...
1
vote
0
answers
358
views
Is it possible to use both VPC peering and Transit Gateway?
I currently have 2 VPCs with an InternetGateway each VPC1 and VPC2.
I need VPC2 to use VPC1's public IP.
I'd rather modify VPC1 as little as possible.
There is a lot of traffic between these 2 VPCs.
...
1
vote
0
answers
173
views
AWS VPC CIDRs in both 10.0.0.0/8 and 192.168.0.0/16
I have VPC A with CIDR 10.A.0.0/16 and VPC B with CIDR 10.B.0.0/16. I have VPC A and B peered and updated the route tables and from a server in 10.B.0.0/16 can ping a server in 10.A.0.0/16 and vice ...
1
vote
2
answers
232
views
Prevent data exfiltration in AWS via HTTP and FTP
I have a series of AWS accounts that are under one organizational entity. I want to prevent other users in my accounts from copying or sending data to an account that is not in my organization via ...
1
vote
2
answers
2k
views
Connecting Google Cloud Functions across Projects
I am using Google Cloud Functions and have multiple projects with cloud functions, that need to communicate with each other. My problem is that functions can only communicate with each other if they ...
1
vote
1
answer
1k
views
What am I doing wrong with private GKEs peering and Cloud NAT?
I am trying to mount the following platform on Google Cloud:
2 private (native) GKE clusters, in 2 different VPCs and to give them access to the internet, each VPC has a Cloud NAT configured.
What ...
1
vote
1
answer
721
views
How to make AWS resolve a domain name to an internal IP
I have a VPC peering established with MongoDB Atlas, however when I try to resolve the database cluster's domain from within an EC2 instance in the same VPC, I get back the public IP. This is a ...
1
vote
1
answer
538
views
Connection through VPC peering from VM to Kubernetes Service
I have 2 VPCs in GCP, the first one (VPC-1) running k8s cluster and the second running some VMs (VPC-2).
I created a VPC peering between these 2 VPCs and I am able to connect from VM on VPC-2 to pod ...
1
vote
1
answer
2k
views
ALB can't forward to NLB over VPC Peering Connection
I have an internet-facing ALB in VPC1 and an internal NLB in VPC2
The NLB is pointed at an ECS service and health-checks are healthy
The ECS Task Security Group allows traffic from VPC1 CIDR as well
...
1
vote
0
answers
1k
views
cannot ping ec2 in another vpc through peer connection
I have multiple VPC's set up, A, B and X.
I have a peered connection between A & X and between B & X, X is the Peered VPC in both cases.
I have added the CIDR Blocks for A & B to the ...
1
vote
0
answers
194
views
Cross region VPC/VPN not routing to peered VPC
I've setup IPSEC tunnels between 3 management VPCs in 3 distinct AWS regions. Each of those regions has additional VPCs (dev/prod) that are peered to the management VPCs. It's setup in a hub/spoke ...
0
votes
2
answers
3k
views
aws vpc to vpc connection with openvpn
I have a 2 VPC's in us-east-1(VPC1 and VPC2) and are VPC peered. I run openVPN in VPC1 to connect to both the vpc. Now I had to make 2 new VPC's in ap-southeast-1(VPC3 and VPC4) again both are VPC ...
0
votes
1
answer
196
views
AWS VPC peering response traffic - can return address CIDRs overlap?
The AWS documentation on peering refers to the situation where VPCs B and C each have a subnet with an identical CIDR and which are both peered with VPC A, as per the diagram below:
The documentation ...
0
votes
1
answer
631
views
How to access a private zone via DNS peering
Let's say I have 2 projects (A, B), each with their own VPC and VPC peering enabled between them.
Then I create a private DNS zone in project A, let's say with .internal as DNS name. Then I add an A ...
0
votes
1
answer
532
views
AWS Client VPN to improve cross region performance
I have a Wordpress site on AWS in us-east-1. Due to business policies, I cannot use a CDN or multi-tenant. I have admins in Australia say the site is down or slow, but it's up for me, as well as isup....
0
votes
1
answer
342
views
Can you have multiple active route tables in AWS?
I was trying to set up VPC peering in AWS. I got most of it working but the network connectivity didn't work. I narrowed down the difference to the routes.
In my previous working system I had the ...
0
votes
1
answer
1k
views
How to troubleshoot network flows across peered VPC
I'm trying to accomplish this: https://cloud.google.com/vpc/docs/vpc-peering#global and it isn't working. Specifically, I'm trying to access an external server via a VPN on a peered network.
My ...
0
votes
1
answer
2k
views
How do I get a VPC ID from another account with Terraform
I have an existing VPC in a separate account and am creating independent terraforms for more vpc's in new accounts.
I wish to peer specific vpc's within each account but am finding it hard to ...