Neha Adwankar's team blog

🚀Establish a communication mechanism for their instances to communicate seamlessly using the AWS Transit Gateway.

Neha Adwankar's photo
Neha Adwankar
·

4 min read

Virtual private cloud (VPC)

A virtual private cloud, or VPC, is a cloud-based network. Like having a separate network inside a bigger network, it enables you to have your own private area of the internet. A variety of resources, including servers, databases, and storage, can be created and managed within this virtual private cloud. You have authority over the network environment when you use a VPC. It is possible to control who has access to your resources and how they can interact by defining access rules, configuring security groups, and installing firewalls.

Azure vNet to AWS VPC

Subnets

A subnet is a range of IP addresses in your VPC. A subnet must reside in a single availability zone. After you add subnets, you can deploy AWS resources in your VPC.

Internet Gateways

Your VPC and another network are connected via a gateway. To link your VPC to the internet, for instance, utilize an internet gateway. To securely connect to AWS services, use a VPC endpoint rather than a NAT or internet gateway.

Route table

Use route tables to determine where network traffic from your subnet or gateway is directed.

Peering connections

To route traffic between the resources in two VPCs, use a VPC peering connection.

Transit Gateway

With just one gateway, thousands of Amazon VPCs and on-premises networks can be connected via the networking service AWS Transit Gateway. All traffic is routed to and from each VPC or VPN using a hub-and-spoke architecture, and all management and monitoring is done in one location. For hybrid cloud settings as well as within AWS, Amazon Transit Gateway offers effective and adaptable connectivity and routing.

In simpler terms, AWS Gateway is like a central hub that connects your Amazon Virtual Private Clouds (VPCs) and on-premises networks.

The challenge is to establish a communication mechanism for their instances to communicate seamlessly using the AWS Transit Gateway.

Provision VPCs:

  • Step 1:

  • Create Two VPCs with name

    vpc1 has their CIDR block 10.0.0.0/16

    vpc2 has their CIDR block 198.0.1.0/24

  • Create subnets in their different VPCs.(e.g., Subnet1 , Subnet2)

  • Provision 2 Internet gateways (e.g., Ohio IGW1, Oregon IGW2) and connect the internet gateways with the VPCs (e.g. Ohio-VPC1-IGW1, Oregon-VPC2-IGW2)

  • Rename default 2 route tables as Ohio-VPC1-RT1 and Oregon-VPC2-RT2

  • Change the default route tables to add a route to its IGW.

  • Ensure that the subnets are associated with V PC's default route tables.

Provision Transit Gateway

  • Step 2:

  • Provision Transit Gateways with the name (e.g. Ohio-TG1, Oregon-TG2)

  • Provide Amazon side Autonomous System Number (ANS): 4200000000

  • Leave all other settings as default.

  • After creating both transit gateways with both VPCs as an attachment,

  • Observe both transit gateway routing tables. VPC's should be propagated.

Provision EC2

  • Step 3:

  • Modify the security groups in their different regions to open Inbound port for Telnet, i.e. Port 23

  • Port 23 should be opened to the CIDR block of the other VPC

  • (Note: For Ohio-VPC-1, it should be open to the CIDR block of Oregon-VPC2, i.e., 198.0.0.0/16. For Oregon-VPC-2: It should be open to the CIDR

  • block of Ohio-VPC1.

  • Create 2 EC2 instances in different regions. (e.g.Ohio-EC2-1 and Oregon-EC2-2)

    Note: Any instance should be disabled as a public IP.

  • Associate it with its security groups.

Create Peering

  • Step 4:

  • Add a peering attachment for both different regions.(e.g. Ohio,Oregon)

  • Note: You will need a Transit Gateway ID for both regions.

  • While creating peer attachments, change the attachment type form VPC to peering

Accept the peer attachment request

  • Step 5:

Go to Transit Gateway attachments and select the accept peer attachment request from Oregon-TG2.

Modify Transit Gateway Route Table

  • Step 6:

  • Modify the route tables of BOTH Transit Gateway-

  • For Oregon:Create a static route for Ohio-VPC-1, i.e. 10.0.0.0/16

For Ohio: Create a static route for Oregon-VPC-2, i.e. 198.0.0.0/16

SSH and TELNET

  • Step 7:

    For SSH:

  • chmod 400 (keypair file name)

  • ssh-i (keypair file name) ubuntu@ IPaddress

  • Commands for Telnet

  • Step 8:

  • to check

    apt show telnetd

  • Install Telnet

    sudo apt install telnetd -y

  • Check the Telnet’s Status

    $ sudo systemctl status inetd

  • Configure Firewall for Telnet

    $ sudo ufw enable

    $ sudo ufw allow 23

  • Test the Telnet Server

    $ telnet 192.168.1.2

  • To exit

    $exit

NOW YOU SHOULD BE ABLE TO TELNET FROM EC2-1 TO EC2-2 VIA TRANSIT GATEWAY PEERING.

#Happy Learning

Kindly feel free to ask any queries in the section below. I'd be pleased to respond to them.

Please follow and use the heart❤❤ button below to express your support if you think this content is helpful 😊.

I appreciate you taking the time to read.

transitgetwayperringAWSvpctransit gatewayInternet Gatewayinternet security#TWS#shubhamLondhesubnetroutingroute53