AWS

How to Create AWS VPC Peering Across Region

In this blog, we will show you the steps to create AWS VPC Peering across Region environment. VPC Peering allows traffic from VPC1 to be sent to VPC2, based upon the network address of the particular resource.

AWS VPC Peering Across Region

Environment Overview

For this, we are connecting two VPC’s between Tokyo and Ohio. In the Mumbai region, I have created a VPC with two subnets in a different availability zone.

How to Create VPC

1- Login with AWS account, go to the AWS Services tab and then select VPC under Networking & Content Delivery.

aws resource manager services

2- Under Virtual Private Cloud select Your VPCs
Click on Create VPC.

aws create vpc

3- Create VPC wizard,
Name tag – VPC-Ohio.
IPv4 CIDR block – 192.168.0.0/16.
Tenancy – default
Click Create

aws create vpc

4- Click close

the following vpc was created

5- Now you can see VPC successfully created in Ohio Region.

aws create vpc

Create Subnet

1- Select Subnets.
Choose Create Subnet.

subnets aws

2- Name tag – Ohio-Subnet.
VPC – select the VPC-Ohio that you created earlier.
Availability Zone
IPv4 CIDR block – Type a CIDR block. For example (192.168.0.0/24)
Click Create.

create subnet aws

3- Click close

following subnets successfully created

4- Subnets successfully created.

subnet amazon management console

Create Internet Gateway

1- Choose Internet Gateways new and then select Create Internet Gateway.

aws create internet gateway

2- Enter a name (Ohio-IGW) in the Name tag text box and then click create an internet gateway.

aws create internet gateway name

3- The internet gateway (IGW) just created is in a detached state. Now you need to attach it to the VPC.

choose the action menu select Attach to VPC.

aws internet gateway detached

4- Select your VPC-Ohio from the drop-down list and then click Attach internet gateway.

attach internet gateway

5- The internet gateway changes to attached state.

internet gateway status attached

Create Route Table

1- Select Route Tables.
Click on Create route table.

create route table

2- Name tag – Type a name for your route table (Ohio-Route).
VPC – Select your VPC-Ohio, and then select Create.

create route table name

3- Click Close

route table was created

Routing of public subnets

We need to configure the routing for our subnets. Enable traffic from the subnets to Internet by using the IGW (internet gateway) attached to the VPC.

4- Select Ohio-Route, Select Routes tab and then click Edit routes. Click Add route.

create route table

5- The traffic from the instances in the subnets intended to the Internet will be redirected to the IGW.

Reoriented to the Route Table in the Virtual Private Cloud.
Add route for the Route Table, one for the traffic to the Internet to be routed using the IGW.
Select Add rules for destination type 0.0.0.0/0 (all packets for the internet) and for targets select the Internet Gateway.

edit routes target aws

6- Select (Ohio-IGW) have created as in the earliest and then select Save routes.

edit routes target aws

7- Click close.

routes successfully edited aws

8- Successfully route edited

Choose Subnet Associations and then select Edit Subnet associations.

edit subnet associations

9- Select your subnet (Ohio-Subnet) and then click Save.

edit subnet associations save

10- Successfully edit subnet associations.

edit subnet associations

Steps to create VPC Peering connection across region in AWS

How to Create VPC Tokyo

1- Login to AWS account and choose the AWS Services tab and then select VPC under Networking & Content Delivery.

aws resource manager services

2- Under Virtual Private Cloud select Your VPCs
Click on Create VPC.

aws create vpc

3- Create VPC wizard,
Name tag – VPC-Tokyo.
IPv4 CIDR block – 10.0.0.0/16.
Tenancy – default
Click Create

aws create vpc

4- Click close

the following vpc was created

5- Now you can see VPC successfully created in Tokyo Region.

aws create vpc

Create Subnet

1- Select Subnets.
Choose Create Subnet.

subnet amazon management console

2- Name tag – Tokyo-Subnet.
VPC – select the VPC-Tokyo that you created earlier.
Availability Zone
IPv4 CIDR block – Type CIDR block. For example (10.0.0.0/24)
Click Create.

create subnet aws

3- Click close

following subnets successfully created

4- Subnets successfully created.

subnets-aws

Create Internet Gateway

1- Choose Internet Gateways new option and then click Create Internet Gateway.

aws create internet gateway

2- Enter a name (Tokyo-IGW) in the Name tag text box and then click create internet gateway.

aws create internet gateway name

3- The IGW just created is in a detached state. Now we need to attach it to you VPC.

In the action menu select Attach to VPC.

aws internet gateway detached

4- Select your VPC-Tokyo from the drop-down list and then click Attach internet gateway.

attach internet gateway

5- The internet gateway changes to attached state.

internet gateway status attached

Create Route Table

1- Select Route Tables.
Click on Create route table.

create route table

2- Name tag – Type a name for your route table (Tokyo-Route).
VPC – Select your VPC-Tokyo, and then select Create.

create route table name

3- Click Close.

route table was created

Routing of public subnets

4- We want to configure the routing for the subnets. Enable traffic from the subnets to Internet by using the IGW attached to the VPC.

Select Ohio-Route, Select Routes tab and then click Edit routes.

create route table

5- Now traffic from AWS instances in the subnets predestined to the Internet will be redirected to the Internet Gateway.

Then you can redirect to the Route Table in the Virtual Private Cloud.
Add route for the Route Table, 1 for the traffic to the Internet to be routed using the IGW.
Choose Add rules button for destination enter 0.0.0.0/0 (all packets for the internet) and then select the Internet Gateway for targets.

edit routes target aws

6- Select (Tokyo-IGW) have created as in the earliest and then select save routes.

edit routes target aws

7- Click close.

routes successfully edited aws

8- Successfully route edited

Choose Subnet Associations and then choose Edit Subnet associations.

edit subnet associations

9- Select your subnet (Tokyo-Subnet) and then click Save.

edit subnet associations save

10- Successfully edit subnet associations.

edit subnet associations-

Creating VPC Peering Connection

1- Under the virtual private cloud, select peering connections.

create route table

2- Click on create peering connection button.

create peering connection aws

3- Provide a name for the peering connection (Peering-Ohio-Tokyo) and select the local VPC (VPC-Ohio) from the drop-down list.

create peering connection requester

Go to your Tokyo region

4- Select Your VPCs
Select Description and then copy VPC ID

aws vpc id

We have created the two VPC’s indifferent under the same AWS account.

5- Select another VPN to peer with
Select the Account as My account
Region – Select Another region
Select other region (in this article I have other region Tokyo)
VPC (Accepter) – Paste VPC ID (Tokyo) we have copied earlier
After selecting the VPC (Requester) and then VPC (Accepter) click create peering connection.

create peering connection accepter

6- Click OK.

create peering connection success

7- Now peering connection is created (between Ohio and Tokyo) and in pending status.

create peering connection pending

Accepting Connection

8- Go to your other region (Tokyo).
Select Peering Connection

create peering connection aws

9- Click on Action menu and then click accept request.

create peering connection accept

10- Click on the Yes, Accept button.

accept vpc peering connection

11- VPC peering connection has been established successfully.

accept vpc peering connection request

12- Now peering connection is in active status (Tokyo).

create peering connection active aws

13- Now peering connection is in active status (Ohio).

create peering connection active aws

Updating the Routing Tables in Ohio Region

1- Go to Ohio region and access VPC dashboard. Click on the Routing table’s link.

create peering connection aws

2- Select Ohio-Route, Select Routes tab and then click Edit routes.

edit routes aws

3- Add the new route entry for Tokyo VPC Network range.
We use 10.0.0.0/16 range as the VPC network in the Tokyo region.
choose the peering connection as a target from the drop-down list.

edit routes target

4- Select peering-Ohio-Tokyo and then click save routes.

edit routes target aws

5- Click close

routes successfully edited aws

6- Successfully route edited.

create route table aws

Updating the Routing Tables in Tokyo Region

1- Go to Tokyo region and access VPC dashboard. Click on the Routing tables.
Select Tokyo-Route, select Routes tab and click on edit routes.

edit routes aws

2- Now, add the Ohio region VPC network in Tokyo Routing Table. We use 192.168.0.0/16 range as the VPC network in Ohio region.
Select Peering Connection

edit routes target aws

3- Select peering-Ohio-Tokyo and then click save routes.

edit routes target aws

4- Click close

route successfully edited

5- Successfully route edited

create route table aws

Create Instance (Tokyo Region)

1- Choose service tab and then choose EC2 under compute.

aws management console

2- Choose instance on your left side and then select Launch Instance button.

aws launch instance

3- Choose Microsoft Windows Server 2019.

aws instance choose ami

4- Choose the instance type as per your requirements.
Click Next : Configure Instance details.

aws choose instance type

5- Network – select VPC (VPC1-Tokyo).
Subnets – select Tokyo-Subnet.
Auto Assign Public IP – select Enable.
Click on Next : Add Storage.

aws configure instance details

6- Click Next : Add Tags.

aws add storage

7- Here we can tagged the instance (Tokyo-Instance)
Click on Next : Configure Security Groups

aws add tags

8- Create new Security Group.
Security group name – Tokyo-Security
Choose Protocols RDP, ALL ICMP – Ipv4, choose Source Anywhere
Click on Review and then Launch

aws configure security group

9- Review instance details and then click launch.

aws review instance launch

10- Choose Create a new key pair
Type a name of your key (tokyo-ohio-peering)
Click the download key pair button and then save it in your secured folder

aws key pair name

11- After downloading and saving your key pair, click launch instance.

aws key pair name

12- Instance created.

aws instance connect

Create Instance (Ohio Region)

1- Click on service tab and then select EC2 under compute.

aws management console

2- Select instance tab and then click on Launch Instance button.

aws launch instance

3- Select Microsoft Windows Server 2019.

aws instance choose ami

4- Click Next : Configure Instance details.

aws choose instance type

5- Network – select VPC (VPC-Ohio).
Subnets – select Ohio-Subnet.
Auto Assign Public IP – select Enable.
Click on Next : Add Storage.

aws configure instance details

6- Click Next : Add Tags.

aws add storage

Here we have tagged the instance (Ohio-Instance)

7- Click on Next : Configure Security Groups.

aws add tags

8- Create a new Security Group.
Security group name – Ohio-Security
Protocols RDP, ALL ICMP – Ipv4, choose Source Anywhere
Click on Review and Launch

aws configure security group

9- Review details and then click launch.

aws review instance launch

10- Select Create a new key pair
Type a name to your key (Ohio-Tokyo-Peering)
Click download key pair button and save it to secured folder

aws key pair name

11- After downloading key pair and saving it, click launch instance.

aws key pair name

12- Ohio-Instance successfully created.

aws instance connect

Testing VPC Peering Connection

1- Select Tokyo-Instance (Tokyo Region) and then click connect.

aws instance connect

2- Select Get Password.

get password aws

3- Select choose file and select your key pair and then click decrypt password.

key pair choose file aws

4- Copy password and click on download remote desktop file.
And login to Tokyo-Instance.

get password aws-

5- Search Firewall & network Protection.

windows server search bar

6- Disable firewall & network protection.

firewall network protection

We have successfully tested the connectivity between these two regions using the ping command. We are able to ping the server each other without any issue.

Tokyo-Instance desktop.

Open command prompt and ping Ohio-Instance IP address.

ec2 instance desktop

Ohio-Instance desktop.

Open command prompt and ping Tokyo-Instance IP address.

ec2 instance desktop

Related: How to Enable Cross Region Replication for Amazon S3.

Related: AWS VPC Peering Connection in Same Region

Jamil Parvez

Jamil Pervez works as a Network Administrator, based in Kuwait with a Primary focus on Microsoft technologies. Microsoft Certified MCSE, MCTP, MCITP, CCNP, CCIP, CCVP with 20 years of experience in administering Windows Servers, Exchange, VMWare, Veeam B&R, Veritas BackupExec.

Related Articles

Leave a Reply

Back to top button