Introduction
Since the 2023 Direct Connect architecture fully interconnects all VPCs using Direct Connect (i.e., attached to the Transit Gateway), individual peering between VPCs is no longer technically necessary.
However, since VPC peering has no cost, and traffic between two VPCs using the Transit Gateway does have a cost, VPC peering has a place in Cornell AWS networking in certain situations.
When to Set Up Peering
- High-volume data transfer
- Ultra-low latency data transfer – Traffic using peering connections makes exactly one hop. Traffic using a Transit Gateway makes about four hops.
- When Security Groups in one VPC need to reference Security Groups in the peered VPC – Transit Gateway connectivity does not support cross-VPC Security Group references.
- When one of the VPCs is not connected to the Transit Gateway (and thus not using Direct Connect).
- When both VPCs reside in AWS account(s) that you own, and your team has the expertise to set up peering.
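
An added example (not from the original page) for the Security Group point above: it finds ingress rules that admit the peered VPC by CIDR and builds the narrower rule that names the peer Security Group as the source. The CIDR, group IDs, account ID and function names are constructed placeholders; the dictionaries follow the EC2 `IpPermissions` shape.

```python
import ipaddress

# Constructed sample shaped like the "IpPermissions" list of one group in
# EC2 DescribeSecurityGroups output. All IDs and CIDRs are placeholders.
PEER_VPC_CIDR = "10.92.0.0/16"  # assumed CIDR of the peered VPC
SAMPLE_PERMISSIONS = [
    {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
     "IpRanges": [{"CidrIp": "10.92.0.0/16"}], "UserIdGroupPairs": []},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [], "UserIdGroupPairs": [
         {"GroupId": "sg-0peerexample0000", "UserId": "111122223333"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "192.0.2.0/24"}], "UserIdGroupPairs": []},
]


def cidr_rules_covering_peer(permissions, peer_cidr):
    """Return (protocol, from_port, to_port, cidr) for every rule that admits
    peer-VPC addresses by CIDR, i.e. any host in that range, not one group."""
    peer = ipaddress.ip_network(peer_cidr)
    hits = []
    for perm in permissions:
        for rng in perm.get("IpRanges", []):
            if ipaddress.ip_network(rng["CidrIp"]).overlaps(peer):
                hits.append((perm["IpProtocol"], perm.get("FromPort"),
                             perm.get("ToPort"), rng["CidrIp"]))
    return hits


def peer_sg_ingress(group_id, peer_group_id, peer_account_id, protocol, port):
    """Build keyword arguments for EC2 AuthorizeSecurityGroupIngress that use
    the peer Security Group (and its owning account) as the traffic source."""
    return {
        "GroupId": group_id,
        "IpPermissions": [{
            "IpProtocol": protocol, "FromPort": port, "ToPort": port,
            "UserIdGroupPairs": [
                {"GroupId": peer_group_id, "UserId": peer_account_id}],
        }],
    }


if __name__ == "__main__":
    for proto, lo, hi, cidr in cidr_rules_covering_peer(SAMPLE_PERMISSIONS, PEER_VPC_CIDR):
        print(f"CIDR-based rule reaches peer VPC: {proto} {lo}-{hi} from {cidr}")
    print(peer_sg_ingress("sg-0localexample000", "sg-0peerexample0000",
                          "111122223333", "tcp", 5432))
```

The returned dictionary can be passed to boto3 as `ec2.authorize_security_group_ingress(**kwargs)`. A peer Security Group can only be referenced while the peering connection is active and both VPCs are in the same Region.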
When to Avoid Peering
- Transient data transfer
- Development or experimental workloads
- Low- and medium-volume data transfer