How to connect VPCs using Transit Gateway

In this demo, you will learn how to create a transit gateway and a transit gateway attachment for 3 VPCs in the same region. We will then connect to the 2 private instances from inside the public instance through the transit gateway.

A transit gateway is a network transit hub that you can use to interconnect your virtual private clouds (VPCs) and on-premises networks. As your cloud infrastructure expands globally, inter-Region peering connects transit gateways together using the AWS Global Infrastructure.

Before creating the transit gateway we need 3 EC2 instances in 3 VPCs. One instance is public and the other 2 are private.

To create an EC2 instance inside a custom VPC refer to my previous blog about 👉Creating an EC2 Instance using Custom VPC👈

Let’s begin😎

Task 1️⃣

  • Create 3 VPCs in the same region

  • VPC A — 10.10.0.0/16 & 10.10.1.0/24 (public subnet) attach IGW (Internet gateway)

  • VPC B — 10.20.0.0/16 & 10.20.1.0/24 (private subnet) don’t attach IGW

  • VPC C — 10.30.0.0/16 & 10.30.1.0/24 (private subnet) don’t attach IGW

Once you create the VPCs and subnets, it should look like this👆.

Now let’s move to the next task

Task 2️⃣

Create an EC2 instance in each VPC

  • VPC A instance: in its security group, add inbound rules for SSH and for All traffic from 10.0.0.0/8

  • VPC B and VPC C instances: in their security groups, add an inbound rule for All traffic from 10.0.0.0/8

  • 10.0.0.0/8 covers every 10.x.0.0/16 VPC CIDR, so this lets the instance talk to all three /16 VPCs

Now we have 1 public instance and 2 private instances

Connect to the public instance and try to ping a private instance from inside it

As we can see above, we are not able to connect.

To resolve this we need to create a transit gateway and a transit gateway attachment for each VPC, then add a route to the transit gateway attachment in each subnet’s route table.

And you’re wondering how to do all this? Don’t worry😊 I’ll show you everything in detail. Follow the steps below;

Task 3️⃣

Create Transit Gateway

Go to AWS management console → VPC → Transit gateways → create transit gateway

  • Give a name and leave everything default then click on create transit gateway

A transit gateway has been created

Next, we need to create a Transit Gateway attachment for each VPC we created.

  • To create a transit gateway attachment follow the steps below;

Go to VPC → Transit gateway attachments (under Transit gateways). Click on create transit gateway attachment

Transit gateway attachment for VPC A

Transit gateway attachment for VPC B

Transit gateway attachment for VPC C

Now we have 3 transit gateway attachments for 3 VPCs

What do you think now? If we go back to our instance and try to connect, will it work?🤔

❌ No!

To connect we need to add a route to this transit gateway attachment in each route table we created for each subnet.

To do that follow the steps below;👇

Go to route table → select each route table → click on edit routes → click on add routes → select transit gateway attachment we created → Save

📌Do the same for other route tables as well

Once you are done with that each route table should look like this👇

👏 We are done with all the configuration.

Now if we go to the instance and try to ping, we should see that it’s working

The transit gateway is useful when we want to connect multiple VPCs. Instead of VPC peering we can go for a transit gateway

With this, any VPC can reach any other VPC that has a route to the transit gateway attachment in its route table
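As an added example (not part of the original post), the same plan expressed in Python: it checks that the three VPC CIDRs do not overlap, derives one route per remote VPC for each subnet route table (a narrower alternative to the single 10.0.0.0/8 route used above), and builds the equivalent AWS CLI calls. The tgw-/vpc-/subnet-/rtb- IDs are placeholders, and it assumes the transit gateway keeps its default route table association and propagation, as it does when everything is left default in Task 3.

```python
"""Plan the Transit Gateway attachments and routes for the three VPCs in this post.

Constructed example: all resource IDs are placeholders, not real AWS resources.
Only the standard library is used, so it runs offline.
"""
import ipaddress

TGW_ID = "tgw-PLACEHOLDER"  # assumed id of the transit gateway created in Task 3

# The three VPCs from Task 1 (vpc/subnet/route-table ids are constructed placeholders).
VPCS = {
    "A": {"cidr": "10.10.0.0/16", "vpc_id": "vpc-aaaa", "subnet": "subnet-aaaa", "rtb": "rtb-aaaa"},
    "B": {"cidr": "10.20.0.0/16", "vpc_id": "vpc-bbbb", "subnet": "subnet-bbbb", "rtb": "rtb-bbbb"},
    "C": {"cidr": "10.30.0.0/16", "vpc_id": "vpc-cccc", "subnet": "subnet-cccc", "rtb": "rtb-cccc"},
}


def check_no_overlap(vpcs):
    """Transit gateway routing needs non-overlapping VPC CIDRs; raise if any pair overlaps."""
    nets = {name: ipaddress.ip_network(v["cidr"]) for name, v in vpcs.items()}
    for a in nets:
        for b in nets:
            if a < b and nets[a].overlaps(nets[b]):
                raise ValueError(f"VPC {a} and VPC {b} overlap: {nets[a]} / {nets[b]}")
    return True


def plan_routes(vpcs, tgw_id=TGW_ID):
    """For each subnet route table: one route per *other* VPC CIDR, next hop = the TGW.

    This is narrower than the single 10.0.0.0/8 route the post adds by hand."""
    check_no_overlap(vpcs)
    plan = {}
    for name, v in vpcs.items():
        plan[v["rtb"]] = sorted((o["cidr"], tgw_id) for n, o in vpcs.items() if n != name)
    return plan


def cli_commands(vpcs, tgw_id=TGW_ID):
    """Equivalent AWS CLI calls for the attachments (Task 3) and the route edits."""
    cmds = [f"aws ec2 create-transit-gateway-vpc-attachment --transit-gateway-id {tgw_id} "
            f"--vpc-id {v['vpc_id']} --subnet-ids {v['subnet']}" for v in vpcs.values()]
    for rtb, routes in plan_routes(vpcs, tgw_id).items():
        for cidr, hop in routes:
            cmds.append(f"aws ec2 create-route --route-table-id {rtb} "
                        f"--destination-cidr-block {cidr} --transit-gateway-id {hop}")
    return cmds


if __name__ == "__main__":
    print("\n".join(cli_commands(VPCS)))
```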

Task 4️⃣

🧹 Clean Up

  • Delete transit gateway attachments

📌 Delete all three attachments like this

  • Delete transit gateway

  • Terminate the instances we created for this demo

  • Delete VPCs (all three we created for this demo)

  • Select each VPC individually and delete

Thank you!🤗