VPC peering configurations with routes to an entire VPC
You can configure VPC peering connections so that your route tables have access to the entire CIDR block of the peer VPC. For more information about scenarios in which you might need a specific VPC peering connection configuration, see VPC peering connection networking scenarios. For more information about creating and working with VPC peering connections, see Work with VPC peering connections.
For more information about updating your route tables, see Update your route tables for a VPC peering connection.
Configurations
Two VPCs peered together
In this configuration, there is a peering connection between VPC A and VPC B
(pcx-11112222
). The VPCs are in the same AWS account and their CIDR blocks
do not overlap.
You might use this configuration when you have two VPCs that require access to each others' resources. For example, you set up VPC A for your accounting records and VPC B for your financial records, and these each VPC must be able to access resources from the other VPC without restriction.
Single VPC CIDR
Update the route table for each VPC with a route that sends traffic for the CIDR block of the peer VPC to the VPC peering connection.
Route table | Destination | Target |
---|---|---|
VPC A | VPC A CIDR |
Local |
VPC B CIDR |
pcx-11112222 | |
VPC B | VPC B CIDR |
Local |
VPC A CIDR |
pcx-11112222 |
Multiple IPv4 VPC CIDRs
If VPC A and VPC B have multiple associated IPv4 CIDR blocks, you can update the route table for each VPC with routes for some or all of the IPv4 CIDR blocks of the peer VPC.
Route table | Destination | Target |
---|---|---|
VPC A | VPC A CIDR 1 |
Local |
VPC A CIDR 2 |
Local | |
VPC B CIDR 1 |
pcx-11112222 | |
VPC B CIDR 2 |
pcx-11112222 | |
VPC B | VPC B CIDR 1 |
Local |
VPC B CIDR 2 |
Local | |
VPC A CIDR 1 |
pcx-11112222 | |
VPC A CIDR 2 |
pcx-11112222 |
IPv4 and IPv6 VPC CIDRs
If VPC A and VPC B have associated IPv6 CIDR blocks, you can update the route table for each VPC with routes for both the IPv4 and IPv6 CIDR blocks of the peer VPC.
Route table | Destination | Target |
---|---|---|
VPC A | VPC A IPv4 CIDR |
Local |
VPC A IPv6 CIDR |
Local | |
VPC B IPv4 CIDR |
pcx-11112222 | |
VPC B IPv6 CIDR |
pcx-11112222 | |
VPC B | VPC B IPv4 CIDR |
Local |
VPC B IPv6 CIDR |
Local | |
VPC A IPv4 CIDR |
pcx-11112222 | |
VPC A IPv6 CIDR |
pcx-11112222 |
One VPC peered with two VPCs
In this configuration, there is a central VPC (VPC A), a peering connection between
VPC A and VPC B (pcx-12121212
), and a peering connection between VPC A and
VPC C (pcx-23232323
). All three VPCs are in the same AWS account and their
CIDR blocks do not overlap.
VPC B and VPC C can't send traffic directly to each other through a VPC A, because VPC peering does not support transitive peering relationships. You can create a VPC peering connection between VPC B and VPC C, as shown in Three VPCs peered together. For more information about unsupported peering scenarios, see VPC peering limitations.
You might use this configuration when you have resources on a central VPC, such as a repository of services, that other VPCs need to access. The other VPCs do not need access to each others' resources; they only need to access resources in the central VPC.
Update the route table for each VPC as follows to implement this configuration using one CIDR block per VPC.
Route table | Destination | Target |
---|---|---|
VPC A | VPC A CIDR |
Local |
VPC B CIDR |
pcx-12121212 | |
VPC C CIDR |
pcx-23232323 | |
VPC B | VPC B CIDR |
Local |
VPC A CIDR |
pcx-12121212 | |
VPC C | VPC C CIDR |
Local |
VPC A CIDR |
pcx-23232323 |
You can extend this configuration to additional VPCs. For example, VPC A is peered with VPC B through VPC G using both IPv4 and IPv6 CIDRs, but the other VPCs are not peered to each other. In this diagram, the lines represent VPC peering connections.
Update the route table as follows.
Route table | Destination | Target |
---|---|---|
VPC A | VPC A IPv4 CIDR |
Local |
VPC A IPv6 CIDR |
Local | |
VPC B IPv4 CIDR |
pcx-aaaabbbb | |
VPC B IPv6 CIDR |
pcx-aaaabbbb | |
VPC C IPv4 CIDR |
pcx-aaaacccc | |
VPC C IPv6 CIDR |
pcx-aaaacccc | |
VPC D IPv4 CIDR |
pcx-aaaadddd | |
VPC D IPv6 CIDR |
pcx-aaaadddd | |
VPC E IPv4 CIDR |
pcx-aaaaeeee | |
VPC E IPv6 CIDR |
pcx-aaaaeeee | |
VPC F IPv4 CIDR |
pcx-aaaaffff | |
VPC F IPv6 CIDR |
pcx-aaaaffff | |
VPC G IPv4 CIDR |
pcx-aaaagggg | |
VPC G IPv6 CIDR |
pcx-aaaagggg | |
VPC B | VPC B IPv4 CIDR |
Local |
VPC B IPv6 CIDR |
Local | |
VPC A IPv4 CIDR |
pcx-aaaabbbb | |
VPC A IPv6 CIDR |
pcx-aaaabbbb | |
VPC C | VPC C IPv4 CIDR |
Local |
VPC C IPv6 CIDR |
Local | |
VPC A IPv4 CIDR |
pcx-aaaacccc | |
VPC A IPv6 CIDR |
pcx-aaaacccc | |
VPC D | VPC D IPv4 CIDR |
Local |
VPC D IPv6 CIDR |
Local | |
VPC A IPv4 CIDR |
pcx-aaaadddd | |
VPC A IPv6 CIDR |
pcx-aaaadddd | |
VPC E | VPC E IPv4 CIDR |
Local |
VPC E IPv6 CIDR |
Local | |
VPC A IPv4 CIDR |
pcx-aaaaeeee | |
VPC A IPv6 CIDR |
pcx-aaaaeeee | |
VPC F | VPC F IPv4 CIDR |
Local |
VPC F IPv6 CIDR |
Local | |
VPC A IPv4 CIDR |
pcx-aaaaffff | |
VPC A IPv6 CIDR |
pcx-aaaaffff | |
VPC G | VPC G IPv4 CIDR |
Local |
VPC G IPv6 CIDR |
Local | |
VPC A IPv4 CIDR |
pcx-aaaagggg | |
VPC A IPv6 CIDR |
pcx-aaaagggg |
Three VPCs peered together
In this configuration, there are three VPCs in the same AWS account with CIDR blocks that do not overlap. The VPCs are peered in a full mesh as follows:
-
VPC A is peered to VPC B through VPC peering connection
pcx-aaaabbbb
-
VPC A is peered to VPC C through VPC peering connection
pcx-aaaacccc
-
VPC B is peered to VPC C through VPC peering connection
pcx-bbbbcccc
You might use this configuration when you have VPCs that need to share resources with each other without restriction. For example, as a file sharing system.
Update the route table for each VPC as follows to implement this configuration.
Route table | Destination | Target |
---|---|---|
VPC A | VPC A CIDR |
Local |
VPC B CIDR |
pcx-aaaabbbb | |
VPC C CIDR |
pcx-aaaacccc | |
VPC B | VPC B CIDR |
Local |
VPC A CIDR |
pcx-aaaabbbb | |
VPC C CIDR |
pcx-bbbbcccc | |
VPC C | VPC C CIDR |
Local |
VPC A CIDR |
pcx-aaaacccc | |
VPC B CIDR |
pcx-bbbbcccc |
If VPC A and VPC B have both IPv4 and IPv6 CIDR blocks, but VPC C does not have an IPv6 CIDR block, update the route tables as follows. Resources in VPC A and VPC B can communicate using IPv6 over the VPC peering connection. However, VPC C cannot communicate with either VPC A or VPC B using IPv6.
Route tables | Destination | Target |
---|---|---|
VPC A | VPC A IPv4 CIDR |
Local |
VPC A IPv6 CIDR |
Local | |
VPC B IPv4 CIDR |
pcx-aaaabbbb | |
VPC B IPv6 CIDR |
pcx-aaaabbbb | |
VPC C IPv4 CIDR |
pcx-aaaacccc | |
VPC B | VPC B IPv4 CIDR |
Local |
VPC B IPv6 CIDR |
Local | |
VPC A IPv4 CIDR |
pcx-aaaabbbb | |
VPC A IPv6 CIDR |
pcx-aaaabbbb | |
VPC C IPv4 CIDR |
pcx-bbbbcccc | |
VPC C | VPC C IPv4 CIDR |
Local |
VPC A IPv4 CIDR |
pcx-aaaacccc | |
VPC B IPv4 CIDR |
pcx-bbbbcccc |
Multiple VPCs peered together
In this configuration, there are seven VPCs peered in a full mesh configuration. The VPCs are in the same AWS account and their CIDR blocks do not overlap.
VPC | VPC | VPC peering connection |
---|---|---|
A | B | pcx-aaaabbbb |
A | C | pcx-aaaacccc |
A | D | pcx-aaaadddd |
A | E | pcx-aaaaeeee |
A | F | pcx-aaaaffff |
A | G | pcx-aaaagggg |
B | C | pcx-bbbbcccc |
B | D | pcx-bbbbdddd |
B | E | pcx-bbbbeeee |
B | F | pcx-bbbbffff |
B | G | pcx-bbbbgggg |
C | D | pcx-ccccdddd |
C | E | pcx-cccceeee |
C | F | pcx-ccccffff |
C | G | pcx-ccccgggg |
D | E | pcx-ddddeeee |
D | F | pcx-ddddffff |
D | G | pcx-ddddgggg |
E | F | pcx-eeeeffff |
E | G | pcx-eeeegggg |
F | G | pcx-ffffgggg |
You might use this configuration when you have multiple VPCs that must be able to access each others' resources without restriction. For example, as a file sharing network. In this diagram, the lines represent VPC peering connections.
Update the route table for each VPC as follows to implement this configuration.
Route table | Destination | Target |
---|---|---|
VPC A | VPC A CIDR |
Local |
VPC B CIDR |
pcx-aaaabbbb | |
VPC C CIDR |
pcx-aaaacccc | |
VPC D CIDR |
pcx-aaaadddd | |
VPC E CIDR |
pcx-aaaaeeee | |
VPC F CIDR |
pcx-aaaaffff | |
VPC G CIDR |
pcx-aaaagggg | |
VPC B | VPC B CIDR |
Local |
VPC A CIDR |
pcx-aaaabbbb | |
VPC C CIDR |
pcx-bbbbcccc | |
VPC D CIDR |
pcx-bbbbdddd | |
VPC E CIDR |
pcx-bbbbeeee | |
VPC F CIDR |
pcx-bbbbffff | |
VPC G CIDR |
pcx-bbbbgggg | |
VPC C | VPC C CIDR |
Local |
VPC A CIDR |
pcx-aaaacccc | |
VPC B CIDR |
pcx-bbbbcccc | |
VPC D CIDR |
pcx-ccccdddd | |
VPC E CIDR |
pcx-cccceeee | |
VPC F CIDR |
pcx-ccccffff | |
VPC G CIDR |
pcx-ccccgggg | |
VPC D | VPC D CIDR |
Local |
VPC A CIDR |
pcx-aaaadddd | |
VPC B CIDR |
pcx-bbbbdddd | |
VPC C CIDR |
pcx-ccccdddd | |
VPC E CIDR |
pcx-ddddeeee | |
VPC F CIDR |
pcx-ddddffff | |
VPC G CIDR |
pcx-ddddgggg | |
VPC E | VPC E CIDR |
Local |
VPC A CIDR |
pcx-aaaaeeee | |
VPC B CIDR |
pcx-bbbbeeee | |
VPC C CIDR |
pcx-cccceeee | |
VPC D CIDR |
pcx-ddddeeee | |
VPC F CIDR |
pcx-eeeeffff | |
VPC G CIDR |
pcx-eeeegggg | |
VPC F | VPC F CIDR |
Local |
VPC A CIDR |
pcx-aaaaffff | |
VPC B CIDR |
pcx-bbbbffff | |
VPC C CIDR |
pcx-ccccffff | |
VPC D CIDR |
pcx-ddddffff | |
VPC E CIDR |
pcx-eeeeffff | |
VPC G CIDR |
pcx-ffffgggg | |
VPC G | VPC G CIDR |
Local |
VPC A CIDR |
pcx-aaaagggg | |
VPC B CIDR |
pcx-bbbbgggg | |
VPC C CIDR |
pcx-ccccgggg | |
VPC D CIDR |
pcx-ddddgggg | |
VPC E CIDR |
pcx-eeeegggg | |
VPC F CIDR |
pcx-ffffgggg |
If all VPCs have associated IPv6 CIDR blocks, update the route tables as follows.
Route table | Destination | Target |
---|---|---|
VPC A | VPC A IPv4 CIDR |
Local |
VPC A IPv6 CIDR |
Local | |
VPC B IPv4 CIDR |
pcx-aaaabbbb | |
VPC B IPv6 CIDR |
pcx-aaaabbbb | |
VPC C IPv4 CIDR |
pcx-aaaacccc | |
VPC C IPv6 CIDR |
pcx-aaaacccc | |
VPC D IPv4 CIDR |
pcx-aaaadddd | |
VPC D IPv6 CIDR |
pcx-aaaadddd | |
VPC E IPv4 CIDR |
pcx-aaaaeeee | |
VPC E IPv6 CIDR |
pcx-aaaaeeee | |
VPC F IPv4 CIDR |
pcx-aaaaffff | |
VPC F IPv6 CIDR |
pcx-aaaaffff | |
VPC G IPv4 CIDR |
pcx-aaaagggg | |
VPC G IPv6 CIDR |
pcx-aaaagggg | |
VPC B | VPC B IPv4 CIDR |
Local |
VPC B IPv6 CIDR |
Local | |
VPC A IPv4 CIDR |
pcx-aaaabbbb | |
VPC A IPv6 CIDR |
pcx-aaaabbbb | |
VPC C IPv4 CIDR |
pcx-bbbbcccc | |
VPC C IPv6 CIDR |
pcx-bbbbcccc | |
VPC D IPv4 CIDR |
pcx-bbbbdddd | |
VPC D IPv6 CIDR |
pcx-bbbbdddd | |
VPC E IPv4 CIDR |
pcx-bbbbeeee | |
VPC E IPv6 CIDR |
pcx-bbbbeeee | |
VPC F IPv4 CIDR |
pcx-bbbbffff | |
VPC F IPv6 CIDR |
pcx-bbbbffff | |
VPC G IPv4 CIDR |
pcx-bbbbgggg | |
VPC G IPv6 CIDR |
pcx-bbbbgggg | |
VPC C | VPC C IPv4 CIDR |
Local |
VPC C IPv6 CIDR |
Local | |
VPC A IPv4 CIDR |
pcx-aaaacccc | |
VPC A IPv6 CIDR |
pcx-aaaacccc | |
VPC B IPv4 CIDR |
pcx-bbbbcccc | |
VPC B IPv6 CIDR |
pcx-bbbbcccc | |
VPC D IPv4 CIDR |
pcx-ccccdddd | |
VPC D IPv6 CIDR |
pcx-ccccdddd | |
VPC E IPv4 CIDR |
pcx-cccceeee | |
VPC E IPv6 CIDR |
pcx-cccceeee | |
VPC F IPv4 CIDR |
pcx-ccccffff | |
VPC F IPv6 CIDR |
pcx-ccccffff | |
VPC G IPv4 CIDR |
pcx-ccccgggg | |
VPC G IPv6 CIDR |
pcx-ccccgggg | |
VPC D | VPC D IPv4 CIDR |
Local |
VPC D IPv6 CIDR |
Local | |
VPC A IPv4 CIDR |
pcx-aaaadddd | |
VPC A IPv6 CIDR |
pcx-aaaadddd | |
VPC B IPv4 CIDR |
pcx-bbbbdddd | |
VPC B IPv6 CIDR |
pcx-bbbbdddd | |
VPC C IPv4 CIDR |
pcx-ccccdddd | |
VPC C IPv6 CIDR |
pcx-ccccdddd | |
VPC E IPv4 CIDR |
pcx-ddddeeee | |
VPC E IPv6 CIDR |
pcx-ddddeeee | |
VPC F IPv4 CIDR |
pcx-ddddffff | |
VPC F IPv6 CIDR |
pcx-ddddffff | |
VPC G IPv4 CIDR |
pcx-ddddgggg | |
VPC G IPv6 CIDR |
pcx-ddddgggg | |
VPC E | VPC E IPv4 CIDR |
Local |
VPC E IPv6 CIDR |
Local | |
VPC A IPv4 CIDR |
pcx-aaaaeeee | |
VPC A IPv6 CIDR |
pcx-aaaaeeee | |
VPC B IPv4 CIDR |
pcx-bbbbeeee | |
VPC B IPv6 CIDR |
pcx-bbbbeeee | |
VPC C IPv4 CIDR |
pcx-cccceeee | |
VPC C IPv6 CIDR |
pcx-cccceeee | |
VPC D IPv4 CIDR |
pcx-ddddeeee | |
VPC D IPv6 CIDR |
pcx-ddddeeee | |
VPC F IPv4 CIDR |
pcx-eeeeffff | |
VPC F IPv6 CIDR |
pcx-eeeeffff | |
VPC G IPv4 CIDR |
pcx-eeeegggg | |
VPC G IPv6 CIDR |
pcx-eeeegggg | |
VPC F | VPC F IPv4 CIDR |
Local |
VPC F IPv6 CIDR |
Local | |
VPC A IPv4 CIDR |
pcx-aaaaffff | |
VPC A IPv6 CIDR |
pcx-aaaaffff | |
VPC B IPv4 CIDR |
pcx-bbbbffff | |
VPC B IPv6 CIDR |
pcx-bbbbffff | |
VPC C IPv4 CIDR |
pcx-ccccffff | |
VPC C IPv6 CIDR |
pcx-ccccffff | |
VPC D IPv4 CIDR |
pcx-ddddffff | |
VPC D IPv6 CIDR |
pcx-ddddffff | |
VPC E IPv4 CIDR |
pcx-eeeeffff | |
VPC E IPv6 CIDR |
pcx-eeeeffff | |
VPC G IPv4 CIDR |
pcx-ffffgggg | |
VPC G IPv6 CIDR |
pcx-ffffgggg | |
VPC G | VPC G IPv4 CIDR |
Local |
VPC G IPv6 CIDR |
Local | |
VPC A IPv4 CIDR |
pcx-aaaagggg | |
VPC A IPv6 CIDR |
pcx-aaaagggg | |
VPC B IPv4 CIDR |
pcx-bbbbgggg | |
VPC B IPv6 CIDR |
pcx-bbbbgggg | |
VPC C IPv4 CIDR |
pcx-ccccgggg | |
VPC C IPv6 CIDR |
pcx-ccccgggg | |
VPC D IPv4 CIDR |
pcx-ddddgggg | |
VPC D IPv6 CIDR |
pcx-ddddgggg | |
VPC E IPv4 CIDR |
pcx-eeeegggg | |
VPC E IPv6 CIDR |
pcx-eeeegggg | |
VPC F IPv4 CIDR |
pcx-ffffgggg | |
VPC F IPv6 CIDR |
pcx-ffffgggg |