What Can I Do If VPCs in a VPC Peering Connection Cannot Communicate with Each Other?





  1. Check whether a VPC peering connection has been successfully created for the two VPCs. Confirm the IDs of the VPCs in the VPC peering connection.

  2. Check whether routes that point to the CIDR block (or portion of the CIDR block) of the other VPC have been configured.

  3. Check whether the routes configured for the VPC peering connection are correct. If the VPCs in a VPC peering connection have overlapping CIDR blocks, you can only add routes to enable communication between two subnets in the two VPCs.

  4. Check whether the VPCs in the VPC peering connection contain overlapping subnets.

  5. Check whether required security group rules have been configured for the ECSs that need to communicate with each other and whether restriction rules have been added to the iptables or firewall used by the ECSs.

  6. If a message indicating that the route already exists is displayed when you add routes for a VPC peering connection, check whether a route with the same destination already exists for a VPN or a VPC peering connection.

  7. If the destination of a route for a VPC peering connection overlaps with the destination of a VPN route, the route may be invalid.

  8. If VPCs in a VPC peering connection cannot communicate with each other after all these possible faults have been rectified, contact customer service.
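
The CIDR and route checks in steps 2 to 7 can be run offline against an export of the two VPCs' address plans. The following Python sketch is an added example, not code from the cloud provider; the dictionary shape, the "peering"/"vpn" next-hop labels and all sample CIDRs are assumptions constructed for illustration.

```python
import ipaddress

def net(cidr):
    # strict=True rejects CIDRs with host bits set, e.g. 10.0.1.5/24
    return ipaddress.ip_network(cidr, strict=True)

def overlapping_pairs(cidrs_a, cidrs_b):
    """Return every (a, b) pair of CIDR strings whose address ranges overlap."""
    return [(a, b) for a in cidrs_a for b in cidrs_b if net(a).overlaps(net(b))]

def check_peering(local, peer, local_routes):
    """local, peer: {"cidr": str, "subnets": [str]} (assumed shape).
    local_routes: [(destination_cidr, next_hop_type)] from the local VPC route
    table, where next_hop_type is "peering" or "vpn" (assumed labels)."""
    peering = [d for d, hop in local_routes if hop == "peering"]
    vpn = [d for d, hop in local_routes if hop == "vpn"]
    return {
        # Step 4: overlapping subnets mean the peering connection does not take effect.
        "subnet_overlap": overlapping_pairs(local["subnets"], peer["subnets"]),
        # Step 3: overlapping VPC CIDRs allow subnet-to-subnet routes only.
        "vpc_cidr_overlap": net(local["cidr"]).overlaps(net(peer["cidr"])),
        # Step 2: peer subnets that no peering route destination covers.
        "peer_subnets_without_route": [
            s for s in peer["subnets"]
            if not any(net(s).subnet_of(net(d)) for d in peering)
        ],
        # Steps 6-7: peering destinations that overlap a VPN route destination.
        "peering_vpn_conflicts": overlapping_pairs(peering, vpn),
    }

# Constructed sample data (not from the page).
LOCAL = {"cidr": "10.0.0.0/16", "subnets": ["10.0.1.0/24"]}
PEER = {"cidr": "10.0.0.0/16", "subnets": ["10.0.3.0/24", "10.0.4.0/24"]}
ROUTES = [("10.0.3.0/24", "peering"), ("10.0.3.0/25", "vpn")]

if __name__ == "__main__":
    for check, result in check_peering(LOCAL, PEER, ROUTES).items():
        print(f"{check}: {result}")
```

A peer subnet listed under peer_subnets_without_route is only a fault if that subnet is meant to be reachable, since step 2 allows routing to a portion of the peer CIDR block.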



Other related questions:
What Are the Limitations of VPC Peering Connections?
  • VPC peering connections created between VPCs that have overlapping subnet CIDR blocks may not take effect.
  • You cannot have more than one VPC peering connection between the same two VPCs at the same time.
  • You cannot create a VPC peering connection between VPCs in different regions.
  • VPC peering does not support transitive peering relationships. In a VPC peering connection, your VPC does not have access to any other VPCs that the peer VPC may be peered with. For example, if VPC A is peered with VPC B and VPC B is peered with VPC C, but VPC A and VPC C are not peered, you cannot use VPC B as a transit point for peering between VPC A and VPC C.
  • You cannot use the EIPs, VPNs, or Direct Connect connections in a VPC of a VPC peering connection to access resources in the other VPC. For example, if VPC A is peered with VPC B and VPC B has EIPs that can be used to access the Internet, you cannot use the EIPs in VPC B to access the Internet from VPC A.
  • After a VPC peering connection is established, the local and peer tenants must add routes in the local and peer VPCs to enable communication between the two VPCs.
  • VPC A is peered with both VPC B and VPC C. If VPC B and VPC C have overlapping CIDR blocks, routes with the same destinations cannot be added in VPC A.
  • To ensure security, do not accept VPC peering connections from unknown tenants.
  • Either owner of a VPC in a peering connection can delete the VPC peering connection at any time. If a VPC peering connection is deleted by one of its owners, all information about this connection will be automatically deleted immediately, including routes added for the VPC peering connection.
  • Currently, the route table of a VPC takes effect for all subnets in the VPC. You cannot add a route table dedicated to a specific subnet. The route preference is as follows: direct route > VPC peering connection route > custom route.
  • If two VPCs in a VPC peering connection have overlapping CIDR blocks, the peering connection can only enable communication between two subnets in the two VPCs. If subnets in the two VPCs in a VPC peering connection have overlapping CIDR blocks, the peering connection does not take effect. To create a VPC peering connection, ensure that the two VPCs involved do not contain overlapping subnets.
  • You cannot delete a VPC containing VPC peering connections.
