📖 What is VPC Peering?
VPC Peering enables direct network connectivity between two VPCs, allowing traffic to be routed privately using IPv4 or IPv6 addresses. This facilitates resource sharing and application integration without traversing the public internet, enhancing security and performance.
"A critical exam point: VPC Peering is *not* transitive. Understand the limitations of peering and when Transit Gateway becomes a more suitable solution. Pay attention to route table updates required to enable peering connectivity."
📚 Certification: AWS Certified Solutions Architect - Associate (SAA-C03)
🔑 What are the Key Concepts of VPC Peering?
- VPC Peering establishes a one-to-one networking connection, requiring route table updates in both peered VPCs to direct traffic correctly.
- Peering connections are non-transitive; if VPC C is peered with VPC A and VPC A is peered with VPC B, VPC C still cannot reach VPC B unless C and B are directly peered.
- Overlapping CIDR blocks prevent VPC Peering; VPCs must have unique, non-overlapping IP address ranges to establish a successful connection.
- Peering utilizes AWS's internal network, offering lower latency and increased bandwidth compared to traffic routed over the internet.
- Security groups and NACLs still apply to traffic flowing through a VPC Peering connection, maintaining granular control over network access.
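The three rules that matter most on the exam (no overlapping CIDRs, route table entries on both sides, and no transitive forwarding) can be modelled with nothing but the Python standard library. This is an added example, not code from the original page or from AWS; the VPC names, CIDR blocks and `pcx-*` ids are constructed placeholders, and the route lookup is a simplified model of what the VPC router does.

```python
# Added example, not from the page: a stdlib-only model of three rules above
# (no overlapping CIDRs, routes on BOTH sides, non-transitive forwarding).
# VPC names, CIDRs and pcx ids are constructed placeholders.
import ipaddress

Net = ipaddress.IPv4Network
# Constructed sample VPCs; vpc-d deliberately overlaps vpc-b.
VPCS = {"vpc-a": "10.0.0.0/16", "vpc-b": "10.1.0.0/16",
        "vpc-c": "10.2.0.0/16", "vpc-d": "10.1.128.0/17"}


def can_peer(vpcs, x, y):
    """A peering request is rejected when the two CIDR blocks overlap."""
    return not Net(vpcs[x]).overlaps(Net(vpcs[y]))


def build_route_tables(vpcs, peerings):
    """One table per VPC: the local route plus, for each accepted peering,
    a route to the peer CIDR on BOTH sides (the step people forget)."""
    tables = {v: {Net(c): "local"} for v, c in vpcs.items()}
    for pcx, (x, y) in peerings.items():
        if not can_peer(vpcs, x, y):
            raise ValueError(f"{pcx}: {x} and {y} overlap; request fails")
        tables[x][Net(vpcs[y])] = pcx
        tables[y][Net(vpcs[x])] = pcx
    return tables


def reachable(vpcs, peerings, tables, src, dst_ip):
    """Longest-prefix lookup in src's table. A pcx target only carries traffic
    addressed to the VPC at its other end: no onward hop, hence non-transitive."""
    ip = ipaddress.ip_address(dst_ip)
    hits = [(n, t) for n, t in tables[src].items() if ip in n]
    if not hits:
        return False  # no route: the usual 'peering active, no traffic' fault
    _, target = max(hits, key=lambda h: h[0].prefixlen)
    if target == "local":
        return True
    x, y = peerings[target]
    return ip in Net(vpcs[y if x == src else x])


def demo():
    peerings = {"pcx-ab": ("vpc-a", "vpc-b"), "pcx-ac": ("vpc-a", "vpc-c")}
    tables = build_route_tables(VPCS, peerings)
    # Misguided attempt to hop through vpc-a: a route in vpc-c for vpc-b's CIDR.
    tables["vpc-c"][Net(VPCS["vpc-b"])] = "pcx-ac"
    return {"a_to_b": reachable(VPCS, peerings, tables, "vpc-a", "10.1.0.10"),
            "c_to_b_via_a": reachable(VPCS, peerings, tables, "vpc-c", "10.1.0.10"),
            "b_d_can_peer": can_peer(VPCS, "vpc-b", "vpc-d")}
```

Deleting the return route from one side of a peered pair makes `reachable` succeed in one direction and fail in the other, which is exactly the troubleshooting scenario the exam describes.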
🎯 How does VPC Peering appear on the SAA-C03 Exam?
You may be asked to identify the best solution for connecting two VPCs in different AWS accounts, where security and private communication are paramount, and transitive routing isn't required.
A scenario might describe a company needing to share resources between development and production VPCs – determine if VPC Peering or Transit Gateway is the more appropriate choice based on scalability needs.
Expect questions about troubleshooting VPC Peering connections, such as identifying why traffic isn't flowing despite a successful peering request – focus on route table configurations.
❓ Frequently Asked Questions
When should I choose VPC Peering over a VPN connection?
VPC Peering is ideal for connecting VPCs within the same region for low-latency, high-bandwidth access. VPNs are better for connecting to on-premises networks or VPCs in different regions.
What happens if I try to peer VPCs with overlapping CIDR blocks?
The peering request will fail. AWS requires unique CIDR blocks for each VPC involved in a peering connection to avoid routing conflicts and ensure proper network functionality.
How does VPC Peering impact my AWS bill?
VPC Peering itself is free, but you are charged for the data transferred between the peered VPCs at standard data transfer rates. There are no hourly or monthly fees for the peering connection.