A Cloud Guru

Implementing VPC Peering on AWS

**Thank you for your interest in this content. Unfortunately, this content is no longer being updated and some of it may be out-of-date.**

In this live environment, you will learn how to create and configure VPC peering within AWS. VPC peering is an AWS feature that allows communication between VPCs without additional hardware or software; peered traffic stays on the AWS network and never traverses the public internet. It is a feature you will use regularly in production environments, and it is useful to know for all of the AWS exams. The environment is split into three stages. There is an architectural overview first, followed by the creation and configuration of a VPC peer, and finally the live environment finishes by demonstrating the limitations of VPC peering and some advanced features. By the end of the lab, you will be able to comfortably implement VPC peering, know its limitations (peering is not transitive, and the route tables on both sides must carry a route for the other VPC's CIDR), and, perhaps more importantly, understand when and why you would use the feature.


Path Info

Level: Intermediate
Duration: 1h 30m
Published: Sep 09, 2021


Table of Contents

  1. Challenge

    Create a VPC Peer

    1. Change the NACL for the Public2 subnet: change the source of the ICMP rule from 0.0.0.0/0 to 10.0.0.0/13, so ICMP is permitted only for the lab's VPC address range rather than for any address.
    2. Create a VPC peer from VPC1 to VPC2.
    3. Accept the VPC peer between VPC1 and VPC2. A peering connection carries no traffic until the accepter side accepts it.

    Note: Ensure you are logged in to the AWS account, INSTANCE1, and INSTANCE2 using the cloud_user credentials provided.

  2. Challenge

    Configure Routing

    1. Locate the route tables associated with PublicSubnet1 and PrivateSubnet1.
    2. In each, add a route for the CIDR of VPC2 with the VPC peer created in Task 1 as the target.
    3. Locate the route tables associated with PublicSubnet2 and PrivateSubnet2.
    4. In each, add a route for the CIDR of VPC1 with the VPC peer created in Task 1 as the target. Routes are needed on both sides: without a return route in VPC2, Instance2's replies have no path back to VPC1.
    5. Obtain the private IP of Instance2 and ping it from Instance1.

    Note: Ensure the VPC peer from Task 1 is created and active.

  3. Challenge

    Create VPC Peer Mesh

    1. Create and accept a VPC peer from VPC2 to VPC3.

    2. Locate the route tables associated with PublicSubnet2 and PrivateSubnet2.

    3. In each, add a route for the CIDR of VPC3 with the VPC2 <-> VPC3 peer created in step 1 as the target (not the VPC1 <-> VPC2 peer from Task 1: a peering connection only forwards traffic between the two VPCs it joins).

    4. Locate the route tables associated with PublicSubnet3 and PrivateSubnet3.

    5. In each, add a route for the CIDR of VPC2 with the VPC2 <-> VPC3 peer created in step 1 as the target.

    6. Edit the NACL associated with the subnet Instance3 is in. Add an INGRESS rule allowing ICMP IPv4 from 10.0.0.0/13.

    7. Edit the NACL associated with the subnet Instance3 is in. Add an EGRESS rule allowing ICMP IPv4 to 10.0.0.0/13. NACLs are stateless, so the echo reply needs its own egress rule.

    8. Ping the private IP of Instance3 from Instance2. Does it work? Why?

      Note: VPC peering is not transitive. A pair of peers, VPC1 <-> VPC2 and VPC2 <-> VPC3, does not mean VPC1 and VPC3 can communicate, and pointing a VPC1 route for VPC3's CIDR at the VPC1 <-> VPC2 peer does not help, because the peer only delivers to VPC2's own CIDR. A direct VPC1 <-> VPC3 peer is required.

    9. Create and accept a VPC peer from VPC1 to VPC3.

    10. Locate the route tables associated with PublicSubnet1 and PrivateSubnet1.

    11. In each, add a route for the CIDR of VPC3 with the VPC1 <-> VPC3 peer created in step 9 as the target.

    12. Locate the route tables associated with PublicSubnet3 and PrivateSubnet3.

    13. In each, add a route for the CIDR of VPC1 with the VPC1 <-> VPC3 peer created in step 9 as the target.

    14. From Instance1, ping the private IP of Instance3.

      Note: Ensure the VPC peer from Task 1 is created and active.

  4. Challenge

    DNS Over VPC Peer

    Note: Ensure that the VPC peer created in Task 1, the routing from Task 2, and the VPC peer mesh and routing from Task 3 are all active.

    1. From the EC2 console, locate the public DNS name and the private DNS name for Instance2.
    2. From Instance1, ping the public hostname of Instance2. It should resolve to Instance2's public IP, so the traffic is routed as internet traffic rather than over the peer.
    3. In the options for the VPC peer between VPC1 and VPC2, enable both DNS resolution check boxes (requester side and accepter side).
    4. Wait a few minutes, then ping the public DNS name of Instance2 from Instance1 again. What happens?

    Note: With DNS resolution enabled on the peering connection, the public DNS name of an instance in the peer VPC resolves to its private IP, so applications that always address instances by DNS name are forced onto the peering connection instead of the public path. Both VPCs must have DNS resolution and DNS hostnames enabled for this to work.
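The rules the four tasks exercise (routes on both sides, an accepted peer, stateless NACL rules in both directions, non-transitivity, and peering DNS resolution) replayed offline in an added Python model. This is example code written for this page, not part of the lab. The lab publishes no CIDRs, resource IDs, IPs or hostnames, so 10.0.0.0/16, 10.1.0.0/16 and 10.2.0.0/16 (chosen to fall inside the lab's 10.0.0.0/13 NACL range), the pcx-* names, the 203.0.113.x public IPs and the hostnames are all constructed, and one route table per VPC stands in for the public and private subnet tables.

```python
"""Offline model of VPC route tables (longest-prefix match), peering state,
stateless NACLs and peering DNS resolution. Added example, not lab code;
every CIDR, ID, IP and hostname below is constructed for the example."""
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network


@dataclass
class Peering:            # one VPC peering connection (constructed pcx-* ids)
    vpc_a: str
    vpc_b: str
    active: bool = False  # True once the accepter VPC accepts the request
    dns: bool = False     # the two DNS resolution check boxes from Task 4


@dataclass
class Vpc:
    cidr: str
    routes: dict = field(default_factory=dict)    # destination CIDR -> "igw" | "pcx-..."
    icmp_in: list = field(default_factory=list)   # NACL ingress: allowed source CIDRs
    icmp_out: list = field(default_factory=list)  # NACL egress: allowed destination CIDRs


@dataclass
class Instance:
    vpc: str
    private_ip: str
    public_ip: str
    public_dns: str


class Lab:
    def __init__(self, vpcs, peerings, instances):
        self.vpcs, self.pcx, self.inst = vpcs, peerings, instances

    def resolve(self, name, from_vpc):
        # A public hostname resolves to the public IP from another VPC unless that VPC
        # is peered with DNS resolution enabled (Task 4); inside its own VPC it is private.
        i = next(x for x in self.inst.values() if x.public_dns == name)
        peered_dns = any(p.active and p.dns and {p.vpc_a, p.vpc_b} == {from_vpc, i.vpc}
                         for p in self.pcx.values())
        return i.private_ip if i.vpc == from_vpc or peered_dns else i.public_ip

    def next_hop(self, vpc_id, dst):
        # Longest-prefix match. Returns "local", "igw", a peer VPC id, or None for a
        # blackhole (no route, peer not active, or a prefix the peer VPC does not own).
        vpc = self.vpcs[vpc_id]
        best, target = None, None
        for cidr, tgt in {vpc.cidr: "local", **vpc.routes}.items():  # implicit local route
            net = ip_network(cidr)
            if ip_address(dst) in net and (best is None or net.prefixlen > best.prefixlen):
                best, target = net, tgt
        if target is None or not target.startswith("pcx-"):
            return target
        p = self.pcx[target]
        peer = p.vpc_b if vpc_id == p.vpc_a else p.vpc_a
        ok = p.active and ip_address(dst) in ip_network(self.vpcs[peer].cidr)
        return peer if ok else None

    def ping(self, src_name, dst):
        # Trace an ICMP echo and its reply; returns a one-line verdict.
        src = self.inst[src_name]
        dst_ip = dst if dst[0].isdigit() else self.resolve(dst, src.vpc)
        hop = self.next_hop(src.vpc, dst_ip)
        if hop is None:
            return "no route to " + dst_ip
        if hop == "local":
            return "ok (same VPC)"
        if hop == "igw":
            return "via internet gateway to " + dst_ip  # a private dst is dropped there
        peer, src_ip = self.vpcs[hop], ip_address(src.private_ip)
        if not any(src_ip in ip_network(c) for c in peer.icmp_in):
            return "blocked by NACL ingress in " + hop
        if not any(src_ip in ip_network(c) for c in peer.icmp_out):
            return "reply blocked by NACL egress in " + hop  # NACLs are stateless
        if self.next_hop(hop, src.private_ip) != src.vpc:
            return "no return route from " + hop
        return "ok via peering"


def build_lab():
    # State after Task 1: VPC1<->VPC2 peer accepted; VPC1/VPC2 NACLs allow ICMP for
    # 10.0.0.0/13; VPC3's NACL has no ICMP rules yet. All values are constructed.
    vpcs = {
        "vpc1": Vpc("10.0.0.0/16", {"0.0.0.0/0": "igw"}, ["10.0.0.0/13"], ["10.0.0.0/13"]),
        "vpc2": Vpc("10.1.0.0/16", {"0.0.0.0/0": "igw"}, ["10.0.0.0/13"], ["10.0.0.0/13"]),
        "vpc3": Vpc("10.2.0.0/16", {"0.0.0.0/0": "igw"}),
    }
    inst = {
        "instance1": Instance("vpc1", "10.0.1.10", "203.0.113.1", "ec2-203-0-113-1.example"),
        "instance2": Instance("vpc2", "10.1.1.10", "203.0.113.2", "ec2-203-0-113-2.example"),
        "instance3": Instance("vpc3", "10.2.1.10", "203.0.113.3", "ec2-203-0-113-3.example"),
    }
    return Lab(vpcs, {"pcx-12": Peering("vpc1", "vpc2", active=True)}, inst)


def walkthrough():
    # Replays Tasks 2-4 step by step, recording each ping verdict (mistakes included).
    lab, out = build_lab(), {}
    v, pcx = lab.vpcs, lab.pcx
    out["task2: no routes"] = lab.ping("instance1", "10.1.1.10")
    v["vpc1"].routes["10.1.0.0/16"] = "pcx-12"                  # Task 2 step 2
    out["task2: VPC1 route only"] = lab.ping("instance1", "10.1.1.10")
    v["vpc2"].routes["10.0.0.0/16"] = "pcx-12"                  # Task 2 step 4
    out["task2: both routes"] = lab.ping("instance1", "10.1.1.10")
    pcx["pcx-23"] = Peering("vpc2", "vpc3", active=True)        # Task 3 step 1
    v["vpc2"].routes["10.2.0.0/16"] = "pcx-23"                  # Task 3 steps 2-5
    v["vpc3"].routes["10.1.0.0/16"] = "pcx-23"
    out["task3: VPC3 NACL untouched"] = lab.ping("instance2", "10.2.1.10")
    v["vpc3"].icmp_in.append("10.0.0.0/13")                     # Task 3 step 6
    out["task3: ingress rule only"] = lab.ping("instance2", "10.2.1.10")
    v["vpc3"].icmp_out.append("10.0.0.0/13")                    # Task 3 step 7
    out["task3: 2->3"] = lab.ping("instance2", "10.2.1.10")
    v["vpc1"].routes["10.2.0.0/16"] = "pcx-12"                  # trying to transit VPC2
    out["task3: 1->3 through VPC2"] = lab.ping("instance1", "10.2.1.10")
    pcx["pcx-13"] = Peering("vpc1", "vpc3", active=True)        # Task 3 step 9
    v["vpc1"].routes["10.2.0.0/16"] = "pcx-13"                  # Task 3 steps 10-13
    v["vpc3"].routes["10.0.0.0/16"] = "pcx-13"
    out["task3: 1->3 direct"] = lab.ping("instance1", "10.2.1.10")
    name = lab.inst["instance2"].public_dns
    out["task4: DNS resolution off"] = lab.ping("instance1", name)
    pcx["pcx-12"].dns = True                                    # Task 4 step 3
    out["task4: DNS resolution on"] = lab.ping("instance1", name)
    return out
```

Run `walkthrough()` to see the verdict at each step: the one-way route in Task 2 fails on the missing return route, the VPC3 NACL fails first on ingress and then on the reply's egress because NACLs are stateless, the attempt to reach VPC3 through the VPC1 <-> VPC2 peer is a blackhole because a peer only delivers into the CIDR of the VPC it joins, and the public hostname ping only moves onto the peer once DNS resolution is enabled on the connection.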

The Cloud Content team comprises subject matter experts hyper focused on services offered by the leading cloud vendors (AWS, GCP, and Azure), as well as cloud-related technologies such as Linux and DevOps. The team is thrilled to share their knowledge to help you build modern tech solutions from the ground up, secure and optimize your environments, and so much more!
