Skip to navigationSkip to main contentSkip to footerScaleway DocsSparklesIconAsk our AI
SparklesIconAsk our AI
ProfileOutlineIcon Log inSign up

VPC Peering - Concepts

InformationOutlineIcon
Note

VPC Peering is currently in Public Beta, and available only via the Scaleway API.

CIDR block

When you create a Private Network, it gets two CIDR blocks (IPv4 and IPv6). As you attach resources to the Private Network, their private IP addresses will come from these blocks. Read more about CIDR blocks.

For two VPCs to be successfuly peered, none of the CIDR blocks attributed to their Private Networks may overlap. If an overlap is detected, the two peering connectors will show a Conflict state. As you cannot modify the CIDR block of a Private Network after creation, you must delete Private Networks as necessary and recreate them with different CIDR blocks. Only when no CIDR block overlap is detected, can the two VPCs be peered.

Custom routes

To route traffic between two peered VPCs, you must create custom routes on each side. These are user-defined, personalized routes that let you route all traffic destined for an IP address within a defined range, to a designated next hop. The next hop can be a resource within this VPC, or a peered VPC. How to create custom routes.

Origin VPC

The VPC that initiates a peering connection. When you create a peering connector, you designate one of your own VPCs as the origin, and another VPC as target. This expresses your consent, as a manager of the origin VPC, to peer with the target VPC.

Orphan

A peering connector is designated as orphan when no matching connector has been created by a manager of the target VPC. This prevents a peering connection from being established.

Peering connector

A peering connector constitutes one side of a VPC peering connection. It represents an intent to peer with another VPC.

A VPC owner/manager creates a connector defining one of their own VPCs as origin, and another VPC as target (this VPC could be in the same Scaleway Project/Organization, or a different one). When an owner/manager of the target VPC creates a matching connector, defining their own VPC as origin and the other VPC as target, the VPCs are peered. Traffic can then be routed between them via custom routes.

Peering connection

A peering connection is a link between two Scaleway VPCs. It allows them to route traffic between their resources via custom routes.

A connection is established when managers of two compatible VPCs each create a peering connector towards the other.

Target VPC

The VPC that is identified in a peering connection as the VPC to peer with. While the user creating the connector must have ownership or management rights over the origin VPC, they do not need to have any rights over the target VPC. Peering will only be established when an owner or manager of the target VPC creates a matching connector, defining their own VPC as origin and the other VPC as target.

Transitive peering

Scaleway VPC Peering natively supports transitive peering across up to four chained VPCs. This means VPC A can communicate with VPC C via an intermediate VPC B (A ↔ B ↔ C), even though VPC A and C are not directly connected with a peering connector.

To allow transitive peering across chained VPCs, additional custom routes must be created in each VPC of the transitive chain.

VPC Peering

Scaleway VPC Peering is a networking service that enables two Scaleway VPCs to establish a private peering connection and route traffic between their resources.

This allows you to connect two VPCs - whether they belong to the same Scaleway Project or Organization, or different ones - for isolated traffic routing, away from the public internet. The two VPCs must be in the same Scaleway region, and an owner/manager of each VPC must create a matching connector to enable peering.

Still need help?

Create a support ticketArrowRightIcon
SearchIcon
No Results