amazon-web-services network-programming redis amazon-vpc infrastructure

Multiple VPCs with same CIDR blocks to connect to Redis VPC


I'm trying to make a setup on AWS with the following structure (very much simplified)

Ideal setup

Where we have different environments/stages with the same exact setup accessing a global environment. It utilizes VPC Peering and works for the first environment. I have specifically chosen CIDR 11.0.0.0/16 for the global VPC and CIDR 10.0.0.0/16 for the non-global environment so that VPC peering is possible as the CIDR blocks do not collide.

When adding a new developer to the team, an exact copy of the non-global environment is set up. While the global and non-global CIDRs do not collide, the CIDRs of the sibling environments now collide, creating an error when trying to update the global environment's route table.

How does one go about this?

I guess we could rework the non-global environments' CIDRs to something like 10.1.0.0/16, 10.2.0.0/16 and so on. However, we would very much not like to do this, so that we don't have to manually maintain a map of which environments have which CIDRs.

If there is an even better way to connect to the Redis cluster from other VPCs, I would love to hear it as well.

FYI: This is the setup for the devs and a similar setup will be made for production (albeit only with one peered connection between Redis and the production application - no other stages).


Solution

  • It is not possible to peer with multiple VPCs with the same CIDR range.

    Also, please note that an 11.x.x.x network is NOT an appropriate range, since it is using public IP addresses. You should always use Private network addresses - Wikipedia to avoid conflicting with actual IP addresses on the Internet.
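The following is an added example, not part of the answer above or of any AWS tooling: it puts the two points of the answer into a pre-flight check you can run before creating a peering. It flags a global VPC CIDR that is not RFC 1918 private space (the 11.0.0.0/16 problem), lists which already-peered CIDRs a new VPC would collide with (the error the question hits on the route table), and, to avoid the hand-maintained CIDR map the question worries about, picks the next free /16 out of 10.0.0.0/8 from whatever is already peered. Function names, the pool default and the sample CIDR state are assumptions constructed for the example; only Python's standard `ipaddress` module is used.

```python
import ipaddress
from typing import Iterable, List, Optional

# RFC 1918 private ranges. The answer's objection to 11.0.0.0/16 is that it
# lies outside these and therefore overlaps real Internet destinations.
RFC1918 = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
]


def is_private(cidr: str) -> bool:
    """True if the whole block lies inside one RFC 1918 range."""
    net = ipaddress.ip_network(cidr, strict=True)
    return any(net.subnet_of(r) for r in RFC1918)


def overlaps(cidr: str, peered: Iterable[str]) -> List[str]:
    """Return the already-peered CIDRs that collide with `cidr`.

    A route to a block that overlaps an existing route cannot be added to the
    global VPC's route table, so a non-empty result means this VPC cannot be
    peered alongside the others as-is.
    """
    net = ipaddress.ip_network(cidr, strict=True)
    return [p for p in peered if net.overlaps(ipaddress.ip_network(p, strict=True))]


def next_free_block(pool: str, prefixlen: int, used: Iterable[str]) -> Optional[str]:
    """First /prefixlen block inside `pool` that overlaps nothing in `used`.

    Deriving the block from what is already in use (e.g. the peered CIDRs read
    from the global route table) removes the need for a manual environment->CIDR
    map. Returns None when the pool is exhausted.
    """
    pool_net = ipaddress.ip_network(pool, strict=True)
    used_nets = [ipaddress.ip_network(u, strict=True) for u in used]
    for candidate in pool_net.subnets(new_prefix=prefixlen):
        if not any(candidate.overlaps(u) for u in used_nets):
            return str(candidate)
    return None


def plan_environment(global_cidr: str, peered: List[str], pool: str = "10.0.0.0/8") -> str:
    """Allocate a /16 for a new developer environment that can peer with the global VPC.

    Raises ValueError if the global VPC itself sits in public address space,
    and RuntimeError if the pool has no free /16 left.
    """
    if not is_private(global_cidr):
        raise ValueError(f"global VPC {global_cidr} is not RFC 1918 private address space")
    taken = [global_cidr, *peered]
    block = next_free_block(pool, 16, taken)
    if block is None:
        raise RuntimeError(f"no free /16 left in {pool}")
    # Sanity check: the allocator's output must never collide with what is peered.
    assert not overlaps(block, taken)
    return block


if __name__ == "__main__":
    # Constructed sample state (hypothetical): one developer environment at
    # 10.0.0.0/16 is already peered, and the global VPC has been moved to a
    # private range instead of the question's 11.0.0.0/16.
    print(is_private("11.0.0.0/16"))                     # False: public space
    print(overlaps("10.0.0.0/16", ["10.0.0.0/16"]))      # a sibling copy collides
    print(plan_environment("10.255.0.0/16", ["10.0.0.0/16"]))  # next free /16
```

Running the check against the question's own numbers shows both failures at once: 11.0.0.0/16 is rejected as non-private, and a second copy of 10.0.0.0/16 is reported as colliding with the first. With the global VPC on a private block, the allocator hands out 10.1.0.0/16, 10.2.0.0/16 and so on as siblings are added, without anyone maintaining the map by hand.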