The Challenge
As deployment footprints continue to grow on AWS, multiple VPCs are required to manage and segment computing resources. With 2 VPCs, VPC peering can be used to connect one VPC to the other, but as soon as you add a third VPC, peering just one existing VPC to the new VPC will not allow all VPCs to communicate, because VPC peering is non-transitive. That is, the only way to interconnect all VPCs in a deployment is to peer each VPC with every other VPC, which becomes unsupportable at scale.

Solution – Saving Time
A solution to this is building a transit VPC, based on the Cisco CSR 1000v virtual router, that serves as a global network transit center. This transit VPC can be used to interconnect VPCs in the same region as well as across geographic regions. This design saves setup time because AWS has partnered with Cisco to build and test CloudFormation scripts that automate the creation of a Transit VPC on AWS with the CSR 1000v. This means no time is required to build mesh peering networks between all your VPCs or to set up the high-availability pair of CSRs and the route tables required for the transit VPC solution. It is a huge time saving, and with it a saving in labor costs.




Solution – Saving Money
The next area where the transit VPC solution with the CSR 1000v saves you money is the absence of a physical transit point. Since the solution is hosted on AWS in a virtual data center, the expense of establishing a presence in a colocation transit hub is not needed. The truck-roll and equipment costs of deploying physical networking devices are also removed from the TCO equation.

Last but not least, the solution generates savings through the ability to tailor throughput to your requirements. This means you do not need to buy a higher-throughput networking device than is currently necessary. Instead, you can upgrade to higher-throughput licenses in the future without an upfront commitment now. See the AWS blog about this same topic here: AWS Solution – Transit VPC.

If you are interested in the architectural details of the solution, see our previous blog post here: Scale to hundreds of VPCs easily with Cisco and the Transit VPC.

See our marketplace listing for the Transit VPC solution with CloudFormation templates here: Cisco Cloud Services Router (CSR) 1000v – Transit Network VPC – BYOL


Matthew Packer

Product Manager, Engineering

Platform Routing