
AWS Multi VPC VPN Sharing Possibility

I have 2 accounts in AWS. Both accounts have 1 custom VPC created.

Account A = VPC A
Account B = VPC B

VPC Peering is done between Account A (VPC A) and Account B (VPC B). All resources between them are accessible via the Peering connection.

Problem is:
The VPN to Customer is established from Account A (VPC A). I have a few resources in Account B (VPC B) that also need to have access to Customer's VPN.

Is there any hack or solution available to achieve this? Or will I have to go for a new VPN from Account B (VPC B)? I believe there should be some workaround for that?

VPC peering does not support edge-to-edge transit traffic. No gateway services are accessible across a VPC peering connection, including VPC Hardware VPN connections and Direct Connect.

Your scenario requires either a separate VPN connection to each VPC or the VPN connection needs to move to an AWS Transit Gateway, which allows that VPN connection to have access to VPCs that are also connected to the Transit Gateway.

Based on current pricing, a second VPN connection appears to be more cost-effective in this case, because Transit Gateway charges for the connections between VPCs and a per-gigabyte transport charge.
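The Transit Gateway option described in the answer above, as an added Terraform example for the Account A side (not part of the original question or answer). All resource labels, account and resource IDs, CIDRs, the ASN and the customer IP are placeholders or assumptions.

```hcl
# Added example. Applied in Account A, which owns the Transit Gateway and the customer VPN.
resource "aws_ec2_transit_gateway" "hub" {
  description                    = "Hub for VPC A, VPC B and the customer VPN"
  auto_accept_shared_attachments = "disable" # Account A approves Account B's attachment explicitly
}

# Share the Transit Gateway with Account B through AWS RAM.
resource "aws_ram_resource_share" "tgw" {
  name                      = "tgw-share"
  allow_external_principals = true # only needed if Account B is outside Account A's organization
}

resource "aws_ram_resource_association" "tgw" {
  resource_arn       = aws_ec2_transit_gateway.hub.arn
  resource_share_arn = aws_ram_resource_share.tgw.arn
}

resource "aws_ram_principal_association" "account_b" {
  principal          = "222222222222" # placeholder: Account B ID
  resource_share_arn = aws_ram_resource_share.tgw.arn
}

# Attach VPC A to the Transit Gateway.
resource "aws_ec2_transit_gateway_vpc_attachment" "vpc_a" {
  transit_gateway_id = aws_ec2_transit_gateway.hub.id
  vpc_id             = "vpc-aaaaaaaa"      # placeholder
  subnet_ids         = ["subnet-aaaaaaaa"] # placeholder
}

# The customer VPN terminates on the Transit Gateway, not on a gateway inside VPC A,
# so every attached VPC can reach it.
resource "aws_customer_gateway" "customer" {
  bgp_asn    = 65000          # placeholder
  ip_address = "203.0.113.10" # placeholder (documentation address range)
  type       = "ipsec.1"
}

resource "aws_vpn_connection" "customer" {
  customer_gateway_id = aws_customer_gateway.customer.id
  transit_gateway_id  = aws_ec2_transit_gateway.hub.id
  type                = "ipsec.1"
}

# VPC A route to the customer network through the Transit Gateway.
resource "aws_route" "vpc_a_to_customer" {
  route_table_id         = "rtb-aaaaaaaa" # placeholder
  destination_cidr_block = "10.50.0.0/16" # placeholder: customer network
  transit_gateway_id     = aws_ec2_transit_gateway.hub.id
  depends_on             = [aws_ec2_transit_gateway_vpc_attachment.vpc_a]
}
```

Account B then creates its own `aws_ec2_transit_gateway_vpc_attachment` for VPC B against the shared Transit Gateway, plus a matching route to the customer network, and Account A accepts that attachment.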
