VPC Peering Print

  • 28

This article explains how to route traffic between Rcs VPCs. This feature is called VPC Peering.

What Is a Rcs VPC?

A Rcs Virtual Private Cloud (VPC) is a private network that connects two or more cloud servers in the same Rcs location.

Here's an example scenario:
Alice is a Rcs customer that needs to replicate data between two web servers. She prefers to do this through a VPC for privacy and to reduce her bandwidth charges.

  • She set up two web servers, and connected them to the internet and a Rcs VPC.
  • She used RFC1918 addresses on the private VPC interface. (10.1.0.0/20)
  • She used publicly-routable IP addresses on the public interface.

A basic VPC

Alice also has two database servers with similar requirements, so she set up a second VPC for her database servers. She named her VPCs LAX1 and LAX2. Her network now looks like this:

A basic VPC

VPCs are entirely private, even from each other. Neither of Alice's VPCs can see the other's traffic, so her web and database servers must connect over the public internet. This isn't ideal for privacy or bandwidth.

What Is VPC Peering?

VPC peering routes traffic between two VPCs. You can establish VPC peering within the same account or between accounts.

VPC Peering within an Account

Because both of Alice's VPCs are in the same location, she can use VPC peering to connect them like this:

VPC Peer in the same account

Now her web servers can communicate with the databases privately without any risk of bandwidth overage charges.

VPC Peering between Accounts

Bob wants to connect his web servers to Alice's databases. They have different accounts, but they are both in Los Angeles.

  • Alice creates a VPC named LAX3.
  • Bob creates a VPC named LAX4.

They exchange their network information and create a VPC peering connection like this:

VPC Peer in different accounts

Rcs's VPC peering creates some exciting new capabilities. Now that we've demonstrated the high-level concepts, let's learn how it works.

VPC Peering Requirements

  • You need two Rcs VPCs in the same location. See the Rcs VPC documentation to learn how to create a VPC.

  • The VPCs can be in the same account or different accounts.

  • The IP subnets in each VPC must not overlap.

  • VPC peering is a one-to-one relationship. You can't connect one VPC to multiple VPCs.

  • The subnets in both VPCs must be compatible with RFC1918. The valid IP ranges are:

    • From 10.0.0.0 through 10.255.255.255 (10/8 prefix)
    • From 172.16.0.0 through 172.31.255.255 (172.16/12 prefix)
    • From 192.168.0.0 through 192.168.255.255 (192.168/16 prefix)

When you create a VPC, you can accept an automatic IP range or configure it manually. You'll find a helpful link to our subnet calculator if you choose manual configuration.

VPC networks

VPC Peering within the Same Account

When you create a VPC peering connection, a requester initiates the connection request to an accepter, who approves or denies the request. When you set up a VPC peering within the same account, you are the accepter and the requester.

Here's how Alice creates the connection between LAX1 and LAX2, step-by-step.

  1. Alice navigates to the VPC Peering page in her account and clicks Add Connection.

  2. She enters the VPC connection request by filling out this form.

    Alice VPC Request

    • She selects the LAX1 VPC network in Your VPC.
    • She enters a description.
    • She selects My Account for Connect To:
    • She chooses the LAX2 VPC network from My Account.
  3. Alice clicks Request Connection to start the process, which puts the VPC peering connection in Pending status.

    Alice VPC Request

  4. Alice clicks the edit icon to view the request. It looks like a pencil. Because Alice is both the requester and the accepter, she sees both sides of the request.

    Alice VPC Request

    If Alice decides to cancel the request, she can click either Cancel Request or Deny. In this case, they both mean the same thing.

  5. Because Alice wants to proceed, she clicks Accept, and the connection begins provisioning. In a couple of minutes the status changes to Active, and the process is complete.

    Alice VPC Request

Remove the VPC Peer

When Alice wants to end the peering connection, she navigates back to the connection page and clicks Close this Connection.

Alice VPC Request

VPC Peering between Accounts

To create a VPC peering connection between accounts, the requester account initiates a request to the accepter account, who can approve or deny the request.

Here's how Alice and Bob create their VPC peering connection, step-by-step.

  1. Alice sends the VPC UUID for LAX3 to Bob through email or some other method.

  2. Bob navigates to his VPC Peering page and clicks Add Connection.

  3. Bob enters the VPC connection request:

    Bob Alice VPC Request

    • He selects LAX4 in Your VPC.
    • He enters a description.
    • He chooses Other Account for Connect To:
    • He enters the UUID that Alice sent him. This UUID is an example, yours will be different.
  4. Bob clicks Request Connection, which puts the VPC peering connection in Pending status until Alice accepts the request.

    Bob Pending Request

  5. While waiting for Alice to accept, Bob has the option to cancel the request.

    Bob Pending Request

  6. Alice can Accept or Deny the request.

    Alice accept Bob

  7. Alice clicks Accept, and the connection begins provisioning. In a couple of minutes the status changes to Active, and the process is complete.

    Active

Remove a VPC Peering Connection

Either Alice or Bob can end VPC peering by clicking Close this Connection.

Alice accept Bob

How to Configure Network Routing on your Instance for VPC Peering

If your operating system uses the latest cloud-init, you do not need any manual configuration when attaching a server to your VPC. Rcs pre-loads the newest version of cloud-init for these operating systems:

  • AlmaLinux 8
  • CentOS 8
  • CentOS Stream 8
  • Debian 11
  • Fedora 34
  • Fedora 35
  • Rocky Linux 8
  • Ubuntu 20.04
  • Ubuntu 21.04
  • Ubuntu 21.10
  • VzLinux 8

If you use a different operating system, you must add a persistent route that forwards your subnet's traffic to the VPC's gateway.

The VPC gateway is always the .1 IP address of your VPC subnet.
For example, if your VPC's subnet is 10.10.10.0/20, then your gateway is 10.10.10.1.

If you need to add routes manually, please see the documentation for your operating system. You may also find these articles helpful:

This article explains how to route traffic between Rcs VPCs. This feature is called VPC Peering. What Is a Rcs VPC? A Rcs Virtual Private Cloud (VPC) is a private network that connects two or more cloud servers in the same Rcs location. Here's an example scenario: Alice is a Rcs customer that needs to replicate data between two web servers. She prefers to do this through a VPC for privacy and to reduce her bandwidth charges. She set up two web servers, and connected them to the internet and a Rcs VPC. She used RFC1918 addresses on the private VPC interface. (10.1.0.0/20) She used publicly-routable IP addresses on the public interface. Alice also has two database servers with similar requirements, so she set up a second VPC for her database servers. She named her VPCs LAX1 and LAX2. Her network now looks like this: VPCs are entirely private, even from each other. Neither of Alice's VPCs can see the other's traffic, so her web and database servers must connect over the public internet. This isn't ideal for privacy or bandwidth. What Is VPC Peering? VPC peering routes traffic between two VPCs. You can establish VPC peering within the same account or between accounts. VPC Peering within an Account Because both of Alice's VPCs are in the same location, she can use VPC peering to connect them like this: Now her web servers can communicate with the databases privately without any risk of bandwidth overage charges. VPC Peering between Accounts Bob wants to connect his web servers to Alice's databases. They have different accounts, but they are both in Los Angeles. Alice creates a VPC named LAX3. Bob creates a VPC named LAX4. They exchange their network information and create a VPC peering connection like this: Rcs's VPC peering creates some exciting new capabilities. Now that we've demonstrated the high-level concepts, let's learn how it works. VPC Peering Requirements You need two Rcs VPCs in the same location. See the Rcs VPC documentation to learn how to create a VPC. The VPCs can be in the same account or different accounts. The IP subnets in each VPC must not overlap. VPC peering is a one-to-one relationship. You can't connect one VPC to multiple VPCs. The subnets in both VPCs must be compatible with RFC1918. The valid IP ranges are: From 10.0.0.0 through 10.255.255.255 (10/8 prefix) From 172.16.0.0 through 172.31.255.255 (172.16/12 prefix) From 192.168.0.0 through 192.168.255.255 (192.168/16 prefix) When you create a VPC, you can accept an automatic IP range or configure it manually. You'll find a helpful link to our subnet calculator if you choose manual configuration. VPC Peering within the Same Account When you create a VPC peering connection, a requester initiates the connection request to an accepter, who approves or denies the request. When you set up a VPC peering within the same account, you are the accepter and the requester. Here's how Alice creates the connection between LAX1 and LAX2, step-by-step. Alice navigates to the VPC Peering page in her account and clicks Add Connection. She enters the VPC connection request by filling out this form. She selects the LAX1 VPC network in Your VPC. She enters a description. She selects My Account for Connect To: She chooses the LAX2 VPC network from My Account. Alice clicks Request Connection to start the process, which puts the VPC peering connection in Pending status. Alice clicks the edit icon to view the request. It looks like a pencil. Because Alice is both the requester and the accepter, she sees both sides of the request. If Alice decides to cancel the request, she can click either Cancel Request or Deny. In this case, they both mean the same thing. Because Alice wants to proceed, she clicks Accept, and the connection begins provisioning. In a couple of minutes the status changes to Active, and the process is complete. Remove the VPC Peer When Alice wants to end the peering connection, she navigates back to the connection page and clicks Close this Connection. VPC Peering between Accounts To create a VPC peering connection between accounts, the requester account initiates a request to the accepter account, who can approve or deny the request. Here's how Alice and Bob create their VPC peering connection, step-by-step. Alice sends the VPC UUID for LAX3 to Bob through email or some other method. Bob navigates to his VPC Peering page and clicks Add Connection. Bob enters the VPC connection request: He selects LAX4 in Your VPC. He enters a description. He chooses Other Account for Connect To: He enters the UUID that Alice sent him. This UUID is an example, yours will be different. Bob clicks Request Connection, which puts the VPC peering connection in Pending status until Alice accepts the request. While waiting for Alice to accept, Bob has the option to cancel the request. Alice can Accept or Deny the request. Alice clicks Accept, and the connection begins provisioning. In a couple of minutes the status changes to Active, and the process is complete. Remove a VPC Peering Connection Either Alice or Bob can end VPC peering by clicking Close this Connection. How to Configure Network Routing on your Instance for VPC Peering If your operating system uses the latest cloud-init, you do not need any manual configuration when attaching a server to your VPC. Rcs pre-loads the newest version of cloud-init for these operating systems: AlmaLinux 8 CentOS 8 CentOS Stream 8 Debian 11 Fedora 34 Fedora 35 Rocky Linux 8 Ubuntu 20.04 Ubuntu 21.04 Ubuntu 21.10 VzLinux 8 If you use a different operating system, you must add a persistent route that forwards your subnet's traffic to the VPC's gateway. The VPC gateway is always the .1 IP address of your VPC subnet. For example, if your VPC's subnet is 10.10.10.0/20, then your gateway is 10.10.10.1. If you need to add routes manually, please see the documentation for your operating system. You may also find these articles helpful: How to Create a Rcs Virtual Private Cloud (VPC) How to Find the Network Adapter Names for a Rcs Cloud Server

Was this answer helpful?
Back

Powered by WHMCompleteSolution