Lab Details

1. This lab walks you through how to peer VPC with Transit Gateway. You will be creating 2 VPC with a public and private subnet. Launch EC2 Instances in both of the VPC and establish peering between them.

2. You will be using the Transit gateway attachment to add VPC and add the entry in the route table. Then you will use SSH into the private EC2 from the public EC2 instance.

3. Duration: 90 minutes

4. AWS Region: US East (N. Virginia) us-east-1

Introduction

What is a Transit gateway?

• The AWS Transit Gateway helps you connect multiple VPCs and on-premises networks through a central hub. It simplifies your network with VPCs and on-premises connections and solves the problem of complex peering relationships.

• With VPC peering using the Transit gateway, your data is always encrypted and no longer uses the public internet for communication.

• Benefits of using Transit gateway:

  • Easy to connect

  • Full control

  • Greater security

  • Multicast feature

• Reasons to use Transit gateway over VPC peering:

  • VPC peering does not support transitive peering meaning, you can only peer two VPC at a time.

  • To peer your VPC with an on-premise network, you can not use VPC peering. Transit gateway supports connecting on-premise networks.

• Transit gateway limits:

  • Per transit gateway, you can have 20 transit gateway route tables.

  • Per transit gateway, you can have 10000 routes.

  • Per transit gateway, there can be 50 transit gateway attachments.

  • Per VPC you can have 5 unique transit gateway.

How Transit gateway can help you simplify your network?

• Transit Gateway acts as a cloud router that supports connecting with the following resources:

  • Amazon VPC

  • VPN Connection having Customer Gateway

  • AWS Direct Connect Gateway

• Without Transit Gateway:

  • VPC peering can have only one to one relationship between two VPCs. The complexity increases as you scale the number of connections. 

  • Maintenance of the route table is another big challenge when you are scaling, you must keep the route table having routes to VPC and connection with the on-premise network using a separate network gateway for each new connection.
    

• With Transit Gateway:

  • To interconnect Amazon VPC with an on-premise network, we can use Transit Gateway.

  • The network is standardized and easily scalable. With Transit Gateway, you have one place to manage and monitor the number of active connections for each network.
    

• Since connecting to an on-premise network is not possible virtually, In this lab, you will learn how to create a Transit gateway and use it to peer VPC.

Transit gateway use cases

• Applications can be delivered around the world.

• Move your network design from Multi-AZ to Multi-region.

• Scale quickly and respond to spikes in traffic smoothly.

• Connect to all types of networks in one place.

Architecture Diagram

Task Details

1. Launching Lab Environment

2. Create the first VPC

3. Create a Public subnet in First VPC

4. Create and attach an Internet Gateway

5. Create a Public Route Table and associate it with the subnet

6. Add public Route in the Route table

7. Launch an EC2 instance in the First VPC

8. Create a Second VPC

9. Create a Private subnet in Second VPC

10. Launch an EC2 instance in Second VPC

11. Create a Transit gateway

12. Create two Transit gateway attachment for the VPCs created

13. Add the routes in the First VPC’s route table

14. Add the routes in the Second VPC’s route table

15. Test the connectivity between two VPCs

16. Validation of the lab

17. Deleting AWS Resources