I got confused about the transit gateway and its hub-and-spoke model.
The Transit gateway allows you to connect many VPCs. So let's say I have 50 VPCs (e.g. VPC-1 … VPC-100); I can use the Transit gateway to connect them. So all of my 50 VPCs connect to the Transit Gateway once and they can all talk to each other. Is my understanding correct?
Or do I still have to do it like VPC peering, where I need to connect like this:
- VPC1 -> VPC2, VPC3 … VPC50
- VPC2 -> VPC1, VPC3 … VPC50
If I am adding VPC51, I need to add the following too:
- VPC51 -> VPC1, VPC2 … VPC50
Because they work on the hub-and-spoke model. Do we have to do the same thing with the transit gateway too?
The Transit Gateway acts like a centralised router with one or more routing tables. If you want a group of VPCs to be contactable from each other, you only have to connect a new VPC to the Transit Gateway once. With VPC Peering you would need to add a new connection to each existing VPC, which isn't scalable for larger groups.
So in your example you would only add VPC51 once, and it would be able to contact all other VPCs, assuming you propagate traffic from all other VPCs on the same routing table.
You can see some examples of how to set up shared or isolated subnets using routing tables here: https://docs.aws.amazon.com/vpc/latest/tgw/TGW_Scenarios.html.
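To make the "connect once, propagate into a routing table" point concrete, here is an added example that is not part of the original thread and not AWS code: a small Python model of Transit Gateway route-table semantics. Each VPC attachment is associated with exactly one TGW route table (which decides where its traffic goes), and a VPC's CIDR is propagated into whichever tables should be able to reach it. The VPC names, CIDRs and the two scenarios ("main" for a flat hub, "shared"/"isolated" for the isolated-spoke pattern the linked AWS page describes) are all constructed for illustration.

```python
"""Constructed model of Transit Gateway route-table semantics (not the AWS API).

Shows why VPC51 is attached once rather than peered 50 times, and why the
answer's caveat matters: reachability is decided by which route table an
attachment is associated with and which CIDRs were propagated into it.
"""
import ipaddress
from dataclasses import dataclass, field


@dataclass
class TransitGateway:
    cidrs: dict = field(default_factory=dict)        # vpc name -> CIDR string
    association: dict = field(default_factory=dict)  # vpc name -> associated route table
    tables: dict = field(default_factory=dict)       # route table -> {CIDR: target vpc}

    def attach(self, vpc, cidr, route_table):
        """Attach a VPC once and associate it with a single TGW route table.
        TGW routing is longest-prefix match, so overlapping CIDRs are rejected."""
        net = ipaddress.ip_network(cidr)
        for other, existing in self.cidrs.items():
            if net.overlaps(ipaddress.ip_network(existing)):
                raise ValueError(f"{vpc} {cidr} overlaps {other} {existing}")
        self.cidrs[vpc] = cidr
        self.association[vpc] = route_table
        self.tables.setdefault(route_table, {})

    def propagate(self, vpc, route_table):
        """Propagate the VPC's CIDR into a route table; only then is it a
        reachable destination for attachments associated with that table."""
        self.tables.setdefault(route_table, {})[self.cidrs[vpc]] = vpc

    def next_hop(self, src_vpc, dst_ip):
        """Look up dst_ip in the table the source attachment is associated with."""
        table = self.tables[self.association[src_vpc]]
        ip = ipaddress.ip_address(dst_ip)
        best = None
        for cidr, target in table.items():
            net = ipaddress.ip_network(cidr)
            if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, target)
        return best[1] if best else None

    def reachable(self, src_vpc):
        """VPCs (other than itself) the source can reach through the TGW."""
        return {
            v for v, cidr in self.cidrs.items()
            if v != src_vpc
            and self.next_hop(src_vpc, str(ipaddress.ip_network(cidr)[1])) == v
        }


def peering_connections(n):
    """Full-mesh VPC peering: one connection per pair."""
    return n * (n - 1) // 2


def tgw_attachments(n):
    """Transit Gateway: one attachment per VPC."""
    return n


def flat_hub(n):
    """One route table, every VPC associated with it and propagated into it:
    any VPC can reach any other (this is what default association and
    default propagation give you)."""
    tgw = TransitGateway()
    for i in range(1, n + 1):
        tgw.attach(f"VPC{i}", f"10.{i}.0.0/16", "main")   # constructed CIDRs
        tgw.propagate(f"VPC{i}", "main")
    return tgw


def isolated_spokes(n):
    """Isolated pattern: spokes are associated with an 'isolated' table that
    only carries the shared-services route, while the shared VPC is associated
    with a 'shared' table into which every spoke is propagated. Spokes reach
    the shared VPC (and it can reply) but cannot reach each other."""
    tgw = TransitGateway()
    tgw.attach("Shared", "10.0.0.0/16", "shared")
    tgw.propagate("Shared", "isolated")
    for i in range(1, n + 1):
        tgw.attach(f"VPC{i}", f"10.{i}.0.0/16", "isolated")
        tgw.propagate(f"VPC{i}", "shared")
    return tgw


if __name__ == "__main__":
    print("51 VPCs: peering", peering_connections(51), "vs TGW", tgw_attachments(51))
    print("flat VPC51 reaches", len(flat_hub(51).reachable("VPC51")), "VPCs")
    iso = isolated_spokes(3)
    print("isolated VPC1 reaches", iso.reachable("VPC1"), "; VPC1->10.2.0.1 =", iso.next_hop("VPC1", "10.2.0.1"))
```

The model covers only the TGW side. In a real deployment each VPC's own route table still needs a route for the other CIDRs pointing at the TGW attachment, and security groups and NACLs still apply on top of TGW routing. The isolated scenario is the one to reach for when "any VPC can talk to any VPC" is not actually what you want: the default route-table association and propagation settings on a new TGW give you the flat hub.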