I am trying to setup a barebones VPC connection within the same AWS account.
- VPC-A and Subnet-A have CIDR: 10.200.1.0/24
- VPC-B and Subnet-B have CIDR: 10.200.2.0/24
Each VPC contains one EC2 instance
- 10.200.1.17 (in VPC-A, Subnet-A), let's call it EC2-A
- 10.200.2.67 (in VPC-B, Subnet-B), let's call it EC2-B
I have added the following route to the route table that is associated with both VPC-A and Subnet-A, which should route traffic from VPC-A to VPC-B based on the CIDR range of VPC-B
- (Dest | Target): 10.200.2/24 | PCX-123
(where PCX-123 is the ID of the VPC Peering Connection)
The security groups associated with EC2-A and EC2-B allow all inbound and outbound traffic.
The NACLs for both networks allow all traffic.
When I SSH into EC2-A and try to ping EC2-B, I get a timeout.
ping 10.200.2.67
...
...
... timeout
What am I missing?
FYI
- I tried asking on Stack Overflow, but it was deemed off topic
- Yes, it is conceptually the same question as cannot ping ec2 in another vpc through peer connection, but that question is dead; the asker never responded or followed up.
Best Answer
VPC peering requires symmetrical route table entries -- the tables on each side of the peering connection need a route pointing across the peering connection to the other side.
(This still holds true when the same account is the owner of both VPCs.)
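The following is an added example, not code from the question or the answer above. It models the two route tables from the question in the shape of `aws ec2 describe-route-tables` output (a subset of fields; all IDs other than pcx-123 are hypothetical) and checks whether a packet from EC2-A to EC2-B *and* the reply from EC2-B to EC2-A would both be sent across the peering connection. With only VPC-A's route in place the reply direction has no route, which is exactly the symmetric-route condition the answer describes; adding the return route to VPC-B's table makes the check pass. A route whose State is not "active" (AWS marks it "blackhole" once the peering is deleted) is treated as no route, since it drops traffic.

```python
import copy
import ipaddress

# Constructed to match the question: VPC-A = 10.200.1.0/24, VPC-B = 10.200.2.0/24.
# IDs other than pcx-123 are hypothetical.
PCX_ID = "pcx-123"
EC2_A = ("subnet-a", "10.200.1.17")
EC2_B = ("subnet-b", "10.200.2.67")

# Shape mimics `aws ec2 describe-route-tables` output (subset of fields).
# As posted: only VPC-A's table has a route across the peering connection.
ROUTE_TABLES_AS_POSTED = [
    {
        "RouteTableId": "rtb-a",
        "VpcId": "vpc-a",
        "Associations": [{"SubnetId": "subnet-a"}],
        "Routes": [
            {"DestinationCidrBlock": "10.200.1.0/24", "GatewayId": "local", "State": "active"},
            {"DestinationCidrBlock": "10.200.2.0/24", "VpcPeeringConnectionId": PCX_ID, "State": "active"},
        ],
    },
    {
        "RouteTableId": "rtb-b",
        "VpcId": "vpc-b",
        "Associations": [{"SubnetId": "subnet-b"}],
        "Routes": [
            {"DestinationCidrBlock": "10.200.2.0/24", "GatewayId": "local", "State": "active"},
        ],
    },
]


def route_table_for_subnet(route_tables, subnet_id):
    """Route table explicitly associated with the subnet (main-table fallback omitted)."""
    for rt in route_tables:
        if any(a.get("SubnetId") == subnet_id for a in rt.get("Associations", [])):
            return rt
    raise LookupError(f"no route table associated with {subnet_id}")


def longest_prefix_match(route_table, dst_ip):
    """Return the route whose destination CIDR most specifically covers dst_ip, or None."""
    ip = ipaddress.ip_address(dst_ip)
    best = None
    for route in route_table["Routes"]:
        net = ipaddress.ip_network(route["DestinationCidrBlock"], strict=False)
        if ip in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, route)
    return None if best is None else best[1]


def next_hop(route_tables, src_subnet, dst_ip):
    """Target a packet from src_subnet to dst_ip is sent to, or None if unroutable.

    A route whose State is not 'active' (e.g. 'blackhole' after the peering
    connection is deleted) drops traffic, so it is reported as no route.
    """
    route = longest_prefix_match(route_table_for_subnet(route_tables, src_subnet), dst_ip)
    if route is None or route.get("State") != "active":
        return None
    for key in ("VpcPeeringConnectionId", "GatewayId", "NatGatewayId", "TransitGatewayId"):
        if key in route:
            return route[key]
    return None


def check_peering_path(route_tables, pcx_id, a, b):
    """List the directions that do NOT route over pcx_id; [] means both do.

    A ping from A to B only gets an answer if B's route table also sends
    A's CIDR back across the peering connection.
    """
    problems = []
    for (src_subnet, src_ip), (_, dst_ip) in ((a, b), (b, a)):
        hop = next_hop(route_tables, src_subnet, dst_ip)
        if hop != pcx_id:
            problems.append(f"{src_ip} -> {dst_ip}: next hop is {hop!r}, expected {pcx_id}")
    return problems


def add_peering_route(route_tables, subnet_id, dest_cidr, pcx_id):
    """Return a copy of route_tables with the missing route added to the subnet's table.

    The real-world equivalent is:
      aws ec2 create-route --route-table-id <rtb> \
          --destination-cidr-block <dest_cidr> --vpc-peering-connection-id <pcx>
    """
    fixed = copy.deepcopy(route_tables)
    route_table_for_subnet(fixed, subnet_id)["Routes"].append(
        {"DestinationCidrBlock": dest_cidr, "VpcPeeringConnectionId": pcx_id, "State": "active"}
    )
    return fixed


if __name__ == "__main__":
    print(check_peering_path(ROUTE_TABLES_AS_POSTED, PCX_ID, EC2_A, EC2_B))
    fixed = add_peering_route(ROUTE_TABLES_AS_POSTED, "subnet-b", "10.200.1.0/24", PCX_ID)
    print(check_peering_path(fixed, PCX_ID, EC2_A, EC2_B))
```

Run as-is, the first line printed names the missing B-to-A direction and the second prints an empty list once the return route is added. In a real account, also confirm that the table you edited is the one associated with the subnet the instance actually lives in (the main route table applies only to subnets with no explicit association), and that the peering connection itself shows as active.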