How Do CVMs or Databases Interconnect through the Private Network?
The private network communication of CVMs or databases in a VPC is actually the communication of private IP addresses at the network level, and therefore there is no difference between them. The communication methods under different private IP address scenarios are as follows:
| Scenario | Communication method |
| --- | --- |
| | CVMs or databases in different regions belong to different VPC instances and communicate with each other through peering connections or CCN. (Both same-account and cross-account communication are supported.) |
| Different availability zones | Same VPC: support interconnection by default. Different VPC instances: communicate through peering connections or CCN. (Both same-account and cross-account communication are supported.) |
| | Communicate through peering connections or CCN. (Both same-account and cross-account communication are supported.) |
| | Same VPC: support interconnection by default. Different VPCs: communicate through peering connections or CCN. (Both same-account and cross-account communication are supported.) |
| | Cross-account communication through peering connections or CCN. (Both same-region and cross-region communication are supported.) |
Note:
For the cross-account VPC interconnection through peering connection or CCN, take note of the following:
The root account owns resources. If you want to communicate with another account through peering connection or CCN, enter the root account.
The sub-account only has the operation permission by default. Apply for permission from the root account to establish the peering connection or CCN if needed.
Different subnets of the same VPC are interconnected over the private network by default (whether or not they are in the same availability zone). If they cannot connect with each other, first check the firewall policies of the security group and the network ACL.
What Should I Do When a Peering Connection Fails to Be Established Due to a VPC IP Range Conflict?
When you try to establish a peering connection, the CIDR blocks of the two VPC instances cannot overlap; otherwise, the peering connection cannot be established.
If the IP ranges of both VPC instances that need to intercommunicate overlap but the subnet IP ranges do not overlap, then you can try to establish communication through CCN. CCN can lower IP address range limits to the subnet level when VPC instances communicate with each other.
For example, the IP ranges of both VPC instances that need to communicate with each other are both 10.0.0.0/16, but the subnets are 10.0.1.0/24 and 10.0.2.0/24 respectively. In this case, you can establish communication through CCN. For more information, see CCN. If your needs cannot be met by using CCN, you need to migrate the resources inside the overlapping subnets.
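The overlap rule above can be checked before you request a connection. The following is an added example, not code from this documentation or from any Tencent Cloud SDK: it applies the page's rule offline with Python's standard `ipaddress` module. The function names, the dictionary layout and the result labels (`peering-or-ccn`, `ccn`, `migrate`) are assumptions made for illustration.

```python
import ipaddress
from itertools import product


def overlapping_subnets(subnets_a, subnets_b):
    """Return every (subnet_a, subnet_b) pair whose address ranges intersect."""
    nets_a = [ipaddress.ip_network(s) for s in subnets_a]
    nets_b = [ipaddress.ip_network(s) for s in subnets_b]
    return [(str(a), str(b)) for a, b in product(nets_a, nets_b) if a.overlaps(b)]


def plan_interconnect(vpc_a, vpc_b):
    """Apply the page's rule to two VPC descriptions.

    Each VPC is a dict: {"cidr": "<VPC CIDR>", "subnets": ["<subnet CIDR>", ...]}.
    Returns (decision, conflicts), where decision is one of the hypothetical labels:
      "peering-or-ccn": VPC CIDRs do not overlap, either method can be used
      "ccn":            VPC CIDRs overlap but no subnets overlap
      "migrate":        subnets overlap; conflicts lists the offending pairs
    """
    cidr_a = ipaddress.ip_network(vpc_a["cidr"])
    cidr_b = ipaddress.ip_network(vpc_b["cidr"])

    # Reject malformed input: every subnet must sit inside its own VPC CIDR.
    for vpc, cidr in ((vpc_a, cidr_a), (vpc_b, cidr_b)):
        for subnet in vpc["subnets"]:
            if not ipaddress.ip_network(subnet).subnet_of(cidr):
                raise ValueError(f"{subnet} is not inside {cidr}")

    if not cidr_a.overlaps(cidr_b):
        return "peering-or-ccn", []

    conflicts = overlapping_subnets(vpc_a["subnets"], vpc_b["subnets"])
    if not conflicts:
        return "ccn", []
    return "migrate", conflicts


if __name__ == "__main__":
    # The example from the text: same VPC CIDR, different subnets.
    vpc1 = {"cidr": "10.0.0.0/16", "subnets": ["10.0.1.0/24"]}
    vpc2 = {"cidr": "10.0.0.0/16", "subnets": ["10.0.2.0/24"]}
    print(plan_interconnect(vpc1, vpc2))
```
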
If VPC1 Separately Establishes Peering Connections With VPC2 and VPC3, Then Can VPC2 and VPC3 Communicate with Each Other?
No, they cannot. Two VPC instances can establish interconnection through a peering connection, but this interconnection relationship is not transitive. This means that when a peering connection is established between VPC1 and VPC2 while another peering connection is established between VPC1 and VPC3, traffic interconnection is unavailable between VPC2 and VPC3 because the peering connection is not transitive.