Sherry Wei

Connecting two VPCs with overlapping network addresses

In this article, we describe how to leverage Network Mode of App Services and Endpoints to connect two AWS VPCs with overlapping network addresses.


VPC-1 and VPC-2 both have the VPC CIDR 10.0.0.0/20.


Step 1. Launch a Service Node in VPC-1



    1. Log in to the Bumblebee portal

    2. Click Service Node on the left navigation menu

    3. Click Create Service Node

    4. Enter a new Service Node name: vpc-1-node

    5. Enter the new Service Node Group name: vpc-1-node-grp

    6. Click Create Service Node

    7. For Node Form Factor, select AWS AMI

    8. Click Continue

    9. Click Generate Cloud Init Data

    10. Copy the data for the next step


Click this link to launch the CloudFormation script for the service node instance in VPC-1. The link takes you to the Quick create stack page of CloudFormation in the AWS console. Switch to the region of VPC-1 if needed. For the Parameters of the stack:


a. For the SubnetID field, use the dropdown to select a private subnet in VPC-1. Make sure the private subnet has a route to the Internet via a NAT gateway, or can otherwise reach *.bumblebeenet.com

b. For UserData field, copy and paste the Cloud Init Data generated in the previous step.

c. For VPCID, use the dropdown menu to select VPC-1

d. Click Create stack

e. Wait for the stack creation to complete

f. You should see that vpc-1-node is registered on the Bumblebee portal, with Admin State as "registered" and Op State as green.


Step 2. Launch an Endpoint Node in VPC-2

Step 2 is similar to Step 1, as described below.



    1. Log in to the Bumblebee portal

    2. Click Endpoint Nodes on the left navigation menu

    3. Click Create Endpoint Node

    4. Enter the Endpoint Node name: vpc-2-node

    5. Enter a new Endpoint Node Group name: vpc-2-node-grp

    6. Click Create Endpoint Node

    7. For Node Form Factor, select AWS AMI

    8. Click Continue

    9. Click Generate Cloud Init Data

    10. Copy the data for the next step


Click this link to launch the CloudFormation script for the service node instance in VPC-2. The link takes you to the Quick create stack page of CloudFormation in the AWS console. Switch to the region of VPC-2 if needed. For the Parameters of the stack:


a. For the SubnetID field, use the dropdown to select a private subnet in VPC-2. Make sure the private subnet has a route to the Internet via a NAT gateway, or can otherwise reach *.bumblebeenet.com

b. For UserData field, copy and paste the Cloud Init Data generated in the previous step.

c. For VPCID, use the dropdown menu to select VPC-2

d. Click Create stack

e. Wait for the stack creation to complete

f. You should see that vpc-2-node is registered on the Bumblebee portal, with Admin State as "registered" and Op State as green.



Step 3. Create an App Service in Network Mode

In this step, we launch an App Service in Network Mode on the vpc-1-node.


  1. Log in to the Bumblebee portal

  2. Click App Services on the left navigation menu

  3. Click Create App Service

  4. For App Service Name field, enter vpc-1, as an example

  5. For Location, select Network

  6. For Real subnet CIDR lists, enter 10.0.0.0/20 (You can also enter the list of subnets on the VPC)

  7. Click Enable Address Translation

  8. Leave Virtual subnet CIDR pool unchanged

  9. For Service Node Group, select vpc-1-node-grp

  10. Click Create

  11. Wait for this app service vpc-1 to go to "available" for Admin State and turn green for Op State


Step 4. Create an Endpoint in Network Mode

After the app service is created, take the app service ID and use it to create the endpoint. Here are the steps.


  1. Log in to the Bumblebee portal

  2. Click Endpoints on the left navigation menu

  3. Click Create Endpoint

  4. For Endpoint Name field, enter vpc-2 as an example

  5. For Location, select Network

  6. For Real subnet CIDR lists, enter 10.0.0.0/20 (You can also enter a list of subnets on the VPC)

  7. For Endpoint Node Group, select vpc-2-node-grp

  8. For Endpoint Node, select vpc-2-node

  9. Click Create

  10. Wait for its Admin State to go into "pending"


Step 5. Connect the Endpoint to App Service

After both the App Service and the Endpoint are connected, the App Service account should receive an email about the pending connect request from the Endpoint.


  1. Log in to the Bumblebee portal

  2. Click App Services on the left navigation menu

  3. From the list of App Services, select the App Service "vpc-1".

  4. In the panel below the list of selected App Service, click Endpoints

  5. Select vpc-2, click Actions -> Approve

  6. The Endpoint vpc-2 should go into Accepted for Admin State

  7. Wait for the Endpoint Op State to turn green


Step 6. Set up VPC routing


After Endpoint "vpc-2" connects with App Service "vpc-1", the networking between VPC-1 and VPC-2 is set up. The next step is to set up routing in each VPC.


An instance's IP address in a VPC is translated one-to-one to its virtual address. For example, an instance in VPC-1 with address 10.0.0.100/32 is translated to 100.66.0.100/32.


Since the two VPC CIDRs are overlapping, Bumblebee assigns virtual CIDRs automatically to each VPC when you enable Address Translation at Step 4. Here are the steps to find out what virtual CIDR each VPC is assigned.


  • For App Service "vpc-1", look for Virtual Subnet at the Details/Specific section. In this case, it is 100.66.0.0/20




  • For Endpoint "vpc-2", look for Virtual Subnet at the Details/Specific section. In this case, it is 100.66.16.0/20



When programming a VPC route table, make sure you use the virtual subnet CIDR as the destination CIDR. For example, in VPC-1, to reach VPC-2 the destination is 100.66.16.0/20 (VPC-2's virtual CIDR). Similarly, in VPC-2, to reach VPC-1 the destination is 100.66.0.0/20 (VPC-1's virtual CIDR).
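
The address arithmetic behind Step 6, as an added example (not Bumblebee code). It assumes the one-to-one translation keeps each host's offset within the CIDR, which is inferred from the article's single example; the function names are hypothetical.

```python
import ipaddress

# CIDRs are the ones quoted in this article. The offset-preserving mapping
# is an assumption inferred from its example (10.0.0.100 -> 100.66.0.100).
REAL = ipaddress.ip_network("10.0.0.0/20")  # real CIDR of both VPCs
VIRTUAL = {
    "vpc-1": ipaddress.ip_network("100.66.0.0/20"),
    "vpc-2": ipaddress.ip_network("100.66.16.0/20"),
}

def to_virtual(real_ip, real_net, virt_net):
    """Map a real address to its virtual address, keeping the host offset."""
    ip = ipaddress.ip_address(real_ip)
    if real_net.prefixlen != virt_net.prefixlen:
        raise ValueError("one-to-one translation needs equal prefix lengths")
    if ip not in real_net:
        raise ValueError(f"{ip} is outside {real_net}")
    return virt_net.network_address + (int(ip) - int(real_net.network_address))

def to_real(virt_ip, real_net, virt_net):
    """Inverse mapping: resolve a virtual address back to the real one."""
    ip = ipaddress.ip_address(virt_ip)
    if ip not in virt_net:
        raise ValueError(f"{ip} is outside {virt_net}")
    return real_net.network_address + (int(ip) - int(virt_net.network_address))

def route_destination(local_vpc, remote_vpc):
    """Destination CIDR to program in local_vpc's route table for remote_vpc."""
    dest = VIRTUAL[remote_vpc]
    # The real CIDR is also the local VPC's own range, so a destination that
    # overlaps it cannot identify the remote VPC.
    if dest.overlaps(REAL):
        raise ValueError(f"{dest} overlaps the local VPC CIDR {REAL}")
    if dest.overlaps(VIRTUAL[local_vpc]):
        raise ValueError(f"{dest} overlaps {local_vpc}'s own virtual CIDR")
    return dest

if __name__ == "__main__":
    print(to_virtual("10.0.0.100", REAL, VIRTUAL["vpc-1"]))
    print(to_virtual("10.0.0.100", REAL, VIRTUAL["vpc-2"]))
    print(route_destination("vpc-1", "vpc-2"))
    print(route_destination("vpc-2", "vpc-1"))
```

The same real address maps to a different virtual address in each VPC, so a virtual address always identifies exactly one instance even though the real ranges overlap.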


Resizing the Node

The initial node instance size is t2.micro. You can resize the node instance the same way you resize any AWS instance.
