An Article on VPC and VPC Peering

Understanding VPC Peering in Simple Words

Have you ever had a friend in the neighborhood with whom you wanted to share toys without letting anyone else in on your little exchange? In the world of cloud computing, especially when working with Amazon Web Services (AWS), there's a concept somewhat similar to this called "VPC Peering." Let's break this down into simpler terms to understand what VPC Peering is all about.

What is a VPC?

Before diving into VPC Peering, it's crucial to understand what a VPC is. VPC stands for Virtual Private Cloud. Imagine it as your own little piece of a cloud that you can control. It's like having a piece of land in the cloud where you can build your applications, store your data, and more, with the freedom to manage who can come in or go out.

Then, What is VPC Peering?

Now, suppose you have two pieces of such land (VPCs) in the cloud. One belongs to you, and the other belongs to a friend or a different department of your organization. You decide you want to share resources between these two VPCs without going through the public internet or allowing others to access this direct pathway. This direct connection you establish is known as VPC Peering.

Why VPC Peering?

  • Security: Since the connection does not go over the public internet, it's more secure. It's like having a private tunnel that only you and your friend know about.

  • Performance: The direct connection reduces delays. It's faster to share resources because the data doesn't have to take a longer, more circuitous route through the public internet.

  • Cost: It can be more cost-effective. Since the data doesn't leave the cloud provider's network, certain costs associated with data transfer might be reduced.

How Does It Work?

Imagine two houses in a neighborhood, each with its own fenced yard (these are your VPCs). Normally, to visit each other, you'd have to go out your gate, walk down the street, and then enter the other's gate. This is how data travels over the internet. VPC Peering is like building a direct gate between the two yards. The houses are still separate, and their yards are private, but they have a secure and private way to interact directly.

Points to Remember

  • Not Transitive: If House A is connected to House B, and House B is connected to House C, it doesn't mean House A can access House C through B. Each peering connection is a direct link between two VPCs without any intermediary.

  • Routing: Just as you would need to know the path to your friend's gate, in VPC Peering you need to update the route tables in both VPCs so that each one knows how to route traffic to the other.

  • No Overlapping Ranges: The two VPCs must have address (CIDR) ranges that do not overlap. If two houses had the same address, it would be confusing for anyone trying to find them, right?
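The three points above, as an added example that is not part of the original article: a small standard-library Python model of peered "houses". The VPC names, CIDRs and pcx-… ids are constructed sample values. It shows that peering A with B and B with C gives A no route to C, that a route added on only one side does not make the connection work, and that overlapping ranges are refused before any route is added.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import Dict, Optional


@dataclass
class Vpc:
    name: str
    cidr: str
    # route table: destination CIDR -> peering connection id (constructed ids below)
    routes: Dict[str, str] = field(default_factory=dict)


class PeeringError(ValueError):
    """Raised for a peering AWS would refuse: overlapping address ranges."""


def peer(a: Vpc, b: Vpc, pcx_id: str) -> None:
    """Peer two VPCs.

    Refuses overlapping CIDRs (point 3) and adds the route in BOTH route
    tables (point 2): a peering connection carries no traffic until each
    side's route table points at the other side's range through it.
    """
    net_a, net_b = ipaddress.ip_network(a.cidr), ipaddress.ip_network(b.cidr)
    if net_a.overlaps(net_b):
        raise PeeringError(f"{a.name} {a.cidr} overlaps {b.name} {b.cidr}")
    a.routes[b.cidr] = pcx_id
    b.routes[a.cidr] = pcx_id


def next_hop(src: Vpc, dst_ip: str) -> Optional[str]:
    """Longest-prefix match over src's route table; None means no route."""
    ip = ipaddress.ip_address(dst_ip)
    best_net, best_target = None, None
    for cidr, target in src.routes.items():
        net = ipaddress.ip_network(cidr)
        if ip in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_target = net, target
    return best_target


def can_reach(src: Vpc, dst: Vpc, dst_ip: str) -> bool:
    """True only if src has a route to dst_ip AND dst has the return route
    through the same peering connection. Nothing forwards through a middle
    VPC, which is what makes peering non-transitive (point 1)."""
    hop = next_hop(src, dst_ip)
    return hop is not None and dst.routes.get(src.cidr) == hop


def demo() -> Dict[str, object]:
    # Constructed sample topology: A<->B and B<->C peered, A and C not.
    a = Vpc("house-a", "10.0.0.0/16")
    b = Vpc("house-b", "10.1.0.0/16")
    c = Vpc("house-c", "10.2.0.0/16")
    peer(a, b, "pcx-ab")
    peer(b, c, "pcx-bc")
    results: Dict[str, object] = {
        "a->b": can_reach(a, b, "10.1.0.10"),  # True: direct peering
        "a->c": can_reach(a, c, "10.2.0.10"),  # False: no hop via B
    }
    # Point 2: a route on one side only is not enough.
    d = Vpc("house-d", "10.3.0.0/16")
    a.routes[d.cidr] = "pcx-ad"  # the return route in D was never added
    results["a->d one-way"] = can_reach(a, d, "10.3.0.10")  # False
    # Point 3: overlapping ranges are refused outright.
    try:
        peer(a, Vpc("house-e", "10.0.5.0/24"), "pcx-ae")
    except PeeringError as exc:
        results["overlap"] = str(exc)
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The one-way case is the mistake that most often makes a freshly accepted peering "not work": the request was accepted, but only one of the two route tables was edited.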

How can you create a VPC :-

Go to the AWS console and search for VPC. Click on Create VPC and give it a name. If you want AWS to create the other resources for you, select "VPC and more".

Otherwise, select "VPC only". I want to create only the VPC, so I selected "VPC only". Select the settings as I selected below and click on Create VPC.

After creating the VPC, you need to create subnets: a public subnet and a private subnet.

To create a subnet, click on Subnets, then select the VPC for which you want to create the subnet. Give the subnet a name, follow the settings shown below, and click on Create subnet.

To create the private subnet, follow the same steps as below :-

After creating the public and private subnets, you need to create an internet gateway. Click on Internet gateways and create it.

Then attach the internet gateway to your VPC.

After that, create a route table.

In the route table, edit the subnet associations, add the public subnet, and save the changes.

After that, edit the routes, add a route to the internet gateway, and save the changes.

Follow the same steps to create the other VPC, with its subnets, route table and internet gateway, for VPC peering.

Create an EC2 instance in the selected VPC,

and create a key pair.

Select the VPC as prod-vpc, which we created earlier.

After selecting all of the above specifications, launch the instance in that VPC and connect to it.

Create another VPC named test-vpc.

Create a public subnet.

Create an internet gateway.

Create a route table for test-vpc.

Edit the subnet associations and add the public subnet of test-vpc to test-routetable.

Save the changes.

Launch an EC2 instance, selecting test-vpc, and add the configurations below.

Now connect to both instances, which are in the different VPCs named test-vpc and prod-vpc.

Now you need to create a peering connection to peer the VPCs, as below.

VPC Peering :-

Now, for peering between the two VPCs, create a peering connection.

Accept the peering connection request, as below.

Now, to ping from the test-vpc EC2 instance to the prod-vpc EC2 instance, you need to add inbound rules in the test-ec2 security group and in the prod-ec2 security group, as below, and save the changes.

Then, in the route tables, add a route through the peering connection: in test-routetable, a route to prod-vpc,

and in prod-routetable, a route to test-vpc. Save the changes.

Now go to your test-ec2 instance and ping the private IP address of prod-ec2.

To check whether the connection is established, use the ping command followed by the private IP, as you can see below :-

In the same way, you can check by pinging the private IP address of test-ec2 from prod-ec2, as below.
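The whole walkthrough, from creating the VPC through peering, routes and security-group rules, as an added example that is not the article's own code: the console clicks expressed as the equivalent EC2 API calls that a boto3 client exposes. DryRunEc2, build_vpc, peer_vpcs and plan are this example's own names; the CIDRs, availability zone and security-group names are assumptions, since the article's values live in its screenshots, and the instance launch (which needs an AMI id the page does not give) is left out. Run as-is it only records the plan offline; pass boto3.client("ec2") instead of DryRunEc2() to execute it.

```python
import itertools
from typing import Any, Dict, List, Tuple


class DryRunEc2:
    """Offline stand-in for boto3.client("ec2"): records every call and hands
    back placeholder ids in the same response shape the real API uses."""

    _shapes = {  # call name -> (response key, id key, id prefix)
        "create_vpc": ("Vpc", "VpcId", "vpc"),
        "create_subnet": ("Subnet", "SubnetId", "subnet"),
        "create_internet_gateway": ("InternetGateway", "InternetGatewayId", "igw"),
        "create_route_table": ("RouteTable", "RouteTableId", "rtb"),
        "create_vpc_peering_connection": ("VpcPeeringConnection", "VpcPeeringConnectionId", "pcx"),
    }

    def __init__(self) -> None:
        self.calls: List[Tuple[str, Dict[str, Any]]] = []
        self._seq = itertools.count(1)

    def __getattr__(self, name: str):
        def call(**kwargs: Any) -> Dict[str, Any]:
            self.calls.append((name, kwargs))
            if name == "create_security_group":  # GroupId sits at the top level
                return {"GroupId": f"sg-{next(self._seq):08x}"}
            if name in self._shapes:
                key, id_key, prefix = self._shapes[name]
                return {key: {id_key: f"{prefix}-{next(self._seq):08x}"}}
            return {}  # attach / associate / authorize calls return nothing we need
        return call


def build_vpc(ec2, name: str, cidr: str, subnet_cidr: str, az: str) -> Dict[str, str]:
    """Console steps 'Create VPC' through 'edit routes': VPC, public subnet,
    internet gateway attached, route table associated with the subnet, default
    route to the gateway, plus a security group for the instance."""
    vpc_id = ec2.create_vpc(CidrBlock=cidr)["Vpc"]["VpcId"]
    ec2.create_tags(Resources=[vpc_id], Tags=[{"Key": "Name", "Value": name}])
    subnet_id = ec2.create_subnet(VpcId=vpc_id, CidrBlock=subnet_cidr,
                                  AvailabilityZone=az)["Subnet"]["SubnetId"]
    igw_id = ec2.create_internet_gateway()["InternetGateway"]["InternetGatewayId"]
    ec2.attach_internet_gateway(InternetGatewayId=igw_id, VpcId=vpc_id)
    rtb_id = ec2.create_route_table(VpcId=vpc_id)["RouteTable"]["RouteTableId"]
    ec2.associate_route_table(RouteTableId=rtb_id, SubnetId=subnet_id)
    ec2.create_route(RouteTableId=rtb_id, DestinationCidrBlock="0.0.0.0/0", GatewayId=igw_id)
    sg_id = ec2.create_security_group(GroupName=f"{name}-sg", Description=f"{name} instances",
                                      VpcId=vpc_id)["GroupId"]
    return {"vpc": vpc_id, "subnet": subnet_id, "rtb": rtb_id, "sg": sg_id, "cidr": cidr}


def peer_vpcs(ec2, test: Dict[str, str], prod: Dict[str, str]) -> str:
    """'VPC Peering' steps: request and accept the peering, add a route through
    it in BOTH route tables, and allow ICMP inbound from the peer VPC's range
    only (not 0.0.0.0/0) on each side's security group."""
    pcx_id = ec2.create_vpc_peering_connection(
        VpcId=test["vpc"], PeerVpcId=prod["vpc"])["VpcPeeringConnection"]["VpcPeeringConnectionId"]
    ec2.accept_vpc_peering_connection(VpcPeeringConnectionId=pcx_id)
    ec2.create_route(RouteTableId=test["rtb"], DestinationCidrBlock=prod["cidr"],
                     VpcPeeringConnectionId=pcx_id)
    ec2.create_route(RouteTableId=prod["rtb"], DestinationCidrBlock=test["cidr"],
                     VpcPeeringConnectionId=pcx_id)
    for side, peer in ((test, prod), (prod, test)):
        ec2.authorize_security_group_ingress(GroupId=side["sg"], IpPermissions=[{
            "IpProtocol": "icmp", "FromPort": -1, "ToPort": -1,
            "IpRanges": [{"CidrIp": peer["cidr"], "Description": "ICMP from peered VPC"}]}])
    return pcx_id


def plan(ec2) -> Tuple[Dict[str, str], Dict[str, str], str]:
    # Assumed CIDRs and AZ; the article's own values appear only in its screenshots.
    test = build_vpc(ec2, "test-vpc", "10.10.0.0/16", "10.10.1.0/24", "us-east-1a")
    prod = build_vpc(ec2, "prod-vpc", "10.20.0.0/16", "10.20.1.0/24", "us-east-1a")
    return test, prod, peer_vpcs(ec2, test, prod)


if __name__ == "__main__":
    dry = DryRunEc2()
    plan(dry)  # plan(boto3.client("ec2")) provisions for real
    for call_name, kwargs in dry.calls:
        print(call_name, kwargs)
```

The security-group rule allows ICMP only from the peer VPC's CIDR; that is the detail worth keeping when reproducing the article's "add inbound rules" step, since a peering connection reaches only the other VPC and the rule has no reason to be wider than that.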

Thank you for reading the article. I hope you find it helpful.

Written by Aakanksha Deshmukh.