Forum Discussion

Lukasz_01_15307's avatar
Lukasz_01_15307
Icon for Nimbostratus rankNimbostratus
Sep 30, 2016

aws Transit VPC and Pool members in different VPC

Hello,   I have an AWS and VPC specific question. I'm trying to deploy multi-VPC environment with a version of a transit VPC (https://aws.amazon.com/answers/networking/transit-vpc/). The basic ide...
application delivery
AWS
BIG-IP
security
buzzy101_12743's avatar
buzzy101_12743
Icon for Nimbostratus rankNimbostratus
Nov 08, 2016

I managed to get this configuration to work, however I needed to route the traffic that was destined for the peer VPC via the .1 address of the entire VPC. If it was routed to the first IP of the individual subnet the traffic would not traverse the peering connection. It was a pain as it just so happened that my first subnet was being used for the management interface so the F5 wouldn't route the traffic over that address and complained if I added a route as it wasn't directly connected. Once I changed the management network to another subnet so I could route the peer VPC range to the VPC .1 address it all worked.

 

I was able to health check nodes in the peered VPC and route traffic to them via a VIP.

 

I've logged an AWS support ticket for clarification, hope that helps.

 

buzzy101_12743's avatar
buzzy101_12743
Icon for Nimbostratus rankNimbostratus
Nov 08, 2016

Just to be clear if your VPC is 10.0.0.0/24 you would need to route the traffic to the peer via 10.0.0.1 by adding this static route to the F5