Question

Communicating between two VPCs in the same region

Hi, I am trying out DigitalOcean and I wanted to establish communication between two droplets placed in two separate VPCs. These VPCs are in the same region. I wanted to set up application server droplets in the 1st VPC and Database droplets in the second. I wanted to isolate the VPC in which DBs are placed from access using public IP. Only app servers in the 1st VPC should be allowed to communicate with the database using the private IP addresses.

I tried pinging a droplet in the DB server VPC from my App server VPC, but the ping request does not give any output.

Any help will be appreciated.



Hello,

What you could do is configure a gateway as described here:

https://docs.digitalocean.com/products/networking/vpc/resources/droplet-as-gateway/

That way the two VPCs would be able to communicate with each other via that gateway.

Best,

Bobby

The “cost” we pay for a lower-cost cloud. In any provider like Azure, AWS and GCP you can link different regions, let alone different VPCs. This is an implementation that D.O. still needs to create. And soon!

It’s simple really, you’ve got to put a router with a public IP inside the vpc. A router can be as simple as a Linux box with the right iptables rules and the right routes.

So if you have two VPCs in any region, you create two OpenVPN systems within each, each with a public IP. Then you make them OpenVPN clients of one another and on each you make them route the VPC network through the OpenVPN tunnel interface.

On all your systems in vpc1 you put routes to send all vpc2 traffic to the OpenVPN router in vpc1. When you’re on app1 in vpc1 and you ping app2 in vpc2, the packets will follow the routes, get sent to the OpenVPN router, which looks at its own routes and sends those packets to the OpenVPN router in vpc2 and then the packets go out to the vpc2 IP for app2. It sounds complicated but it’s simple.
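The routing described in the answer above, modelled as an added example that is not part of the original thread: it traces a ping from app1 to app2 hop by hop using longest-prefix matching, and goes one step further by tracing the reply, which is lost when hosts in vpc2 have no return route. The address ranges, host IPs and the names `router1`/`router2` are constructed assumptions, and the routers are assumed to forward without NAT.

```python
import ipaddress

# Constructed sample addressing (assumptions, not values from the thread).
VPC1, VPC2 = "10.10.0.0/16", "10.20.0.0/16"
ADDRS = {"app1": "10.10.0.5", "router1": "10.10.0.2",
         "router2": "10.20.0.2", "app2": "10.20.0.7"}

def make_tables(return_route=True):
    """Routing table per host: (prefix, next_hop); next_hop None means on-link."""
    tables = {
        # Hosts in vpc1 send vpc2 traffic to the OpenVPN router in vpc1.
        "app1": [(VPC1, None), (VPC2, "router1"), ("0.0.0.0/0", "internet")],
        # Each router reaches the other VPC through the tunnel interface.
        "router1": [(VPC1, None), (VPC2, "router2")],
        "router2": [(VPC2, None), (VPC1, "router1")],
        "app2": [(VPC2, None), ("0.0.0.0/0", "internet")],
    }
    if return_route:
        # Mirror route on vpc2 hosts so replies go back through the tunnel.
        tables["app2"].append((VPC1, "router2"))
    return tables

def next_hop(table, dst_ip):
    """Pick the most specific matching route (longest prefix wins)."""
    ip = ipaddress.ip_address(dst_ip)
    nets = [(ipaddress.ip_network(p), hop) for p, hop in table]
    matches = [(n, hop) for n, hop in nets if ip in n]
    if not matches:
        return "unreachable"
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def trace(tables, src, dst, max_hops=8):
    """Return the list of hosts a packet from src to dst passes through."""
    path, host = [src], src
    for _ in range(max_hops):
        hop = next_hop(tables[host], ADDRS[dst])
        if hop is None:              # destination is on the local VPC network
            return path + [dst]
        path.append(hop)
        if hop not in tables:        # left the private networks: packet is lost
            return path
        host = hop
    return path + ["hop-limit"]      # routing loop guard

def ping_ok(tables, a="app1", b="app2"):
    """A ping succeeds only if both the request and the reply are delivered."""
    return trace(tables, a, b)[-1] == b and trace(tables, b, a)[-1] == a

if __name__ == "__main__":
    for rr in (True, False):
        t = make_tables(rr)
        print(rr, trace(t, "app1", "app2"), trace(t, "app2", "app1"), ping_ok(t))
```

With the return route missing, the request still reaches app2 but the reply follows app2's default route out of the private network, which matches a ping that produces no output.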