I am trying to create a private network with a vendor using AWS TGW.
My Org
1. VPC-A:
CIDR: 10.50.0.0/16
Subnets:
Subnet-1: 10.50.1.0/24
Subnet-2: 10.50.2.0/24
2. VPC-B:
CIDR: 10.50.0.0/16
Subnets:
Subnet-3: 10.50.3.0/24
Subnet-4: 10.50.4.0/24
Vendor
1. VPC-C
CIDR 10.60.0.0/16
My Org: TGW with ARM TGW
1. TGW-Attachment for VPC-A, VPC-B, VPC-C
As you might have already observed, VPC-A and VPC-B have an overlapping CIDR, and TGW doesn't like that.
What I want is:
- Traffic to route between VPC-A and VPC-C
- Traffic to route between VPC-B and VPC-C
- Traffic is not required to route between VPC-A and VPC-B
Changing the CIDR is not an option.
What are my options?
Can I achieve the above by creating a new TGW, so that TGW-1 -> VPC-A and VPC-C, and TGW-2 -> VPC-B and VPC-C?
For my understanding, if you don't want to deal with NAT gateways, you can achieve your requirements by creating two separate Transit Gateways (TGWs), one for VPC-A and VPC-C, and another for VPC-B and VPC-C.
By creating two separate TGWs, you can avoid the overlapping CIDR range issue (as per Amazon Transit Gateway FAQs), and route traffic between VPC-A and VPC-C via TGW-1, and traffic between VPC-B and VPC-C via TGW-2.
You would need to create two separate TGWs, and attach VPC-A and VPC-C to TGW-1, and VPC-B and VPC-C to TGW-2. You can then create TGW peering between TGW-1 and TGW-2 to allow communication between VPC-C and both VPC-A and VPC-B.
Here are the high-level steps to achieve this:
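The two checks worth running before building the two-TGW design above are (1) that no single route domain ends up holding the same prefix twice, and (2) that VPC-C's own route table can still reach both VPC-A and VPC-B, given that a VPC route table holds only one route per destination prefix, so 10.50.0.0/16 could point at only one of the two TGWs. The script below is an added example written for this thread, not code from the question or the answer. It models the thread's topology with Python's `ipaddress` module: VPC and subnet CIDRs are the ones posted above (VPC-B's /16 copied as posted, so it overlaps VPC-A exactly); the TGW names TGW-1 and TGW-2 come from the question; modelling a TGW peering as the union of the two TGWs' attachment sets is this example's assumption, since cross-peering routes are static entries in the same route table. The last function shows the workaround the posted subnets allow: because the four /24 subnets are disjoint, VPC-C can route to each one by its /24 prefix instead of the ambiguous /16.

```python
import ipaddress
from itertools import combinations

# Constructed from the thread's topology (not real account data).
VPCS = {
    "VPC-A": "10.50.0.0/16",
    "VPC-B": "10.50.0.0/16",   # copied as posted: identical to VPC-A
    "VPC-C": "10.60.0.0/16",   # vendor VPC
}

# Subnets as posted; VPC-C's subnets are not given in the thread.
SUBNETS = {
    "VPC-A": ["10.50.1.0/24", "10.50.2.0/24"],
    "VPC-B": ["10.50.3.0/24", "10.50.4.0/24"],
}


def overlapping_pairs(domain, vpcs=VPCS):
    """Pairs of VPCs whose CIDRs overlap inside one route domain
    (one TGW route table, or two tables joined by a peering)."""
    nets = {name: ipaddress.ip_network(vpcs[name]) for name in domain}
    return sorted(
        (a, b) for a, b in combinations(sorted(nets), 2)
        if nets[a].overlaps(nets[b])
    )


def tgw_routes(domain, vpcs=VPCS):
    """Routes a TGW route table would hold for these VPC attachments:
    attachment CIDR -> attachment. Two attachments with the same prefix
    cannot coexist, which is the condition the question runs into."""
    routes = {}
    for name in sorted(domain):
        prefix = str(ipaddress.ip_network(vpcs[name]))
        if prefix in routes:
            raise ValueError(
                f"{prefix} already routes to {routes[prefix]}; "
                f"cannot also route it to {name}"
            )
        routes[prefix] = name
    return routes


def check_design(tgws, peerings=()):
    """tgws: {tgw_name: [vpc names attached]}; peerings: [(tgw, tgw)].
    Returns overlapping pairs per TGW and per peered route domain.
    A peering is modelled as the union of both attachment sets (assumption:
    cross-peering static routes land in the same route table)."""
    report = {tgw: overlapping_pairs(members) for tgw, members in tgws.items()}
    for t1, t2 in peerings:
        merged = set(tgws[t1]) | set(tgws[t2])
        report[f"{t1}<->{t2}"] = overlapping_pairs(merged)
    return report


def vpc_c_route_table(tgw_for_vpc, subnets=SUBNETS):
    """Routes VPC-C needs toward each TGW, keyed by destination prefix.
    Uses the /24 subnet prefixes instead of the /16 VPC CIDR, because the
    /16 could be installed only once (toward only one TGW). Raises if two
    VPCs would need the same destination prefix, which a VPC route table
    does not accept."""
    routes = {}
    for vpc, prefixes in subnets.items():
        for p in prefixes:
            prefix = str(ipaddress.ip_network(p))
            if prefix in routes:
                raise ValueError(f"duplicate destination {prefix} for {vpc}")
            routes[prefix] = tgw_for_vpc[vpc]
    return routes


if __name__ == "__main__":
    single = ["VPC-A", "VPC-B", "VPC-C"]
    print("one TGW, all three VPCs:", overlapping_pairs(single))
    two = {"TGW-1": ["VPC-A", "VPC-C"], "TGW-2": ["VPC-B", "VPC-C"]}
    print("two TGWs:", check_design(two))
    print("two TGWs + peering:", check_design(two, [("TGW-1", "TGW-2")]))
    print("VPC-C routes:", vpc_c_route_table({"VPC-A": "TGW-1", "VPC-B": "TGW-2"}))
```

Running it shows the single-TGW layout flagging the VPC-A/VPC-B pair, the two-TGW split coming back clean, and the same pair reappearing as soon as the two TGWs are modelled as peered. The generated VPC-C table is the piece to carry into the real route tables: four /24 routes, two toward each TGW, with VPC-A and VPC-B each sending 10.60.0.0/16 back through their own TGW.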