Peering Connections

VPC peering allows users to create a direct IP connection between any two VPCs. A direct connection between VPCs means that servers in one VPC can be accessed from another VPC without the need for elastic IP addresses or traffic passing through the border network.

VPC peering is simply an L3 connection implemented using routing tables and IP connectivity.

VPC peering can only be implemented between VPCs that have no overlapping addresses (since the connection is based solely on routing).

VPC peering is carried out between two VPCs in the same OpenCloud region.

VPC peering is subject to the OpenCloud Services permission scheme. This means that to create a peering connection, the user must have permissions in both VPCs.

Unlike AWS VPC peering connections, the OpenCloud Services implementation does not require the consent of both sides of the peering connection.

A VPC peer can only be referenced in the security group by the CIDR of the peered node.

The VPC peering function can be used in a "star" topology with one central VPC and three peered VPCs.

VPC Peering Implementation in Compute

VPC peering is an additional router located between the peered VPCs.

This peering router is populated with the address ranges (CIDRs) of the two VPCs.

VPC peering does not support transit routing from one VPC through another VPC to a different network, whether it's the Internet (for sharing IGW) or routing to an on-premises network via a direct subnet, etc.
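The constraints above (no overlapping addresses, CIDR-based routing, no transit routing) can be checked before any peering is created. The following is an added example, not OpenCloud code; the VPC names, CIDRs and peering names are constructed sample data for a "star" topology.

```python
import ipaddress

# Constructed sample data: a "star" with one hub VPC and three spokes.
# All names and CIDRs here are illustrative assumptions.
VPCS = {
    "hub":     "10.0.0.0/16",
    "spoke-a": "10.1.0.0/16",
    "spoke-b": "10.2.0.0/16",
    "spoke-c": "10.0.128.0/17",   # deliberately overlaps the hub
}
PEERINGS = {
    "peer-hub-a": ("hub", "spoke-a"),
    "peer-hub-b": ("hub", "spoke-b"),
    "peer-hub-c": ("hub", "spoke-c"),
}

def overlapping_peerings(vpcs, peerings):
    """Return names of peerings whose two VPC CIDRs overlap (cannot be routed)."""
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in vpcs.items()}
    return sorted(p for p, (a, b) in peerings.items() if nets[a].overlaps(nets[b]))

def required_routes(vpcs, peerings):
    """Routes each VPC needs: destination = peer CIDR, target = the peering."""
    bad = set(overlapping_peerings(vpcs, peerings))
    routes = {name: [] for name in vpcs}
    for p, (a, b) in peerings.items():
        if p in bad:
            continue  # an overlapping pair cannot be peered at all
        routes[a].append((vpcs[b], p))
        routes[b].append((vpcs[a], p))
    return routes

def can_reach(vpcs, peerings, src, dst):
    """True only for directly peered, non-overlapping VPCs (no transit routing)."""
    bad = set(overlapping_peerings(vpcs, peerings))
    return any(p not in bad and {src, dst} == set(pair) for p, pair in peerings.items())

if __name__ == "__main__":
    print("overlapping:", overlapping_peerings(VPCS, PEERINGS))
    for vpc, rts in required_routes(VPCS, PEERINGS).items():
        print(vpc, rts)
    print("spoke-a -> spoke-b:", can_reach(VPCS, PEERINGS, "spoke-a", "spoke-b"))
```

The destination CIDRs it lists per VPC are also the ranges a security group rule would have to reference, since a peer can only be referenced by CIDR.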

Creating a Peering Connection

To create a peering connection:

  1. Go to Networking > Peering Connections.
  2. On the top toolbar, click Peer VPC and fill in the following fields:
  • Name – the name of the peering connection.
  • Description – description of the peering connection.
  • Requester – select the requester VPC from the dropdown list.
  • Accepter – select the accepter VPC from the dropdown list or enter the VPC ID shown in the detailed view of the VPC in Networking > VPC.
  3. Click OK. The peering connection will appear in the list with the status Pending-Acceptance.
  4. To accept the peering request, click on the Pending-Acceptance status and select Accept from the top toolbar. The status should change to Active.

To allow traffic, routes need to be created in the appropriate routing tables. The route can be directed to the entire VPC or specific subnets. The target of the route is the peering connection.

To create a route:

  1. Go to Networking > Routing Tables.
  2. On the top toolbar, select Create and fill in the following fields:
  • Name – the name of the routing table.
  • Description – description of the routing table.
  • VPC – VPC for one of the requesting VPCs.
  3. Click OK. The routing table is created.
  4. Select the new routing table from the displayed list, and on the bottom toolbar, select the Routes tab and click Create.
  5. In the "Create Route" dialog, select Target Type = Peering Connections, and then choose the CIDR in the receiving VPC.
  6. Click OK.

To ensure that the VPC peering connection is working, run the ping command between two virtual machine instances in two different VPCs that have a VPC peering connection.

 
