Hi, I’ve turned on VPC peering alpha access and peered two of my VPCs together. But they couldn’t reach each other even with the firewall wide open (allow all TCP, UDP).
And I found this doc on the VPC peering page: https://docs.google.com/document/d/1D31gsRiFFAAhS9zH1_3xOF8CGkIRhmHoK5tsRVe5We0/edit?tab=t.0
The `ip route` commands weren’t really helpful, because they just error with `RTNETLINK answers: File exists`, which is correct. The commands were just pointing every private CIDR to my VPC’s gateway, which doesn’t make sense and didn’t work.
I am wondering if anyone else has made it work successfully (just between Droplets from two VPCs in the same region, nothing fancy).
Hi there 👋,
Indeed, that doc should be the way to go for the time being!
What you could do first is to double-check that the correct routes are in place for your Droplets to communicate across the VPC peering connection. You mentioned seeing the `RTNETLINK answers: File exists` error, which suggests that a route is already in place. Run the following command to list the routes on your Droplet:
Look for any routes that point to the private IP ranges of the other VPC. If the routes already exist and are correct, you don’t need to re-add them manually. Feel free to share the output here.
Also, confirm that the VPC peering connection is fully established and active. You can use the DigitalOcean API or the control panel to check the status of the VPC peering connection. It should show as `ACTIVE` and not `PENDING`. You can do this by running:
After that, you can test the connection by pinging the private IP addresses of the Droplets in the other VPC:
If you’re still not able to reach the other Droplet, try running `traceroute` to see where the traffic might be getting blocked:
This will give you an idea of whether the traffic is reaching the VPC gateway or if it’s being blocked elsewhere.
If all else fails, I would recommend removing any manually added routes and relying on the default routes created by the VPC peering connection. If the VPC peering connection is set up correctly and the firewall is open, the Droplets should be able to communicate without needing to manually adjust routes.
If all that fails, you could reach out to the DigitalOcean support team who will be able to further advise you on this:
- Bobby.
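As an added example (not part of the answer above and not DigitalOcean's code), this Python sketch parses `ip route show` output, reports whether a prefix is already present (the case in which `ip route add` fails with `RTNETLINK answers: File exists`), and shows which route would carry traffic to a peer Droplet's private IP. The routing table and all addresses are constructed sample values, and the function names are hypothetical.

```python
import ipaddress

# Constructed `ip route show` output; all addresses are made-up sample values.
SAMPLE_ROUTES = """\
default via 203.0.113.1 dev eth0 proto static
10.0.0.0/8 via 10.10.0.1 dev eth1
10.10.0.0/16 dev eth1 proto kernel scope link src 10.10.0.5
203.0.113.0/24 dev eth0 proto kernel scope link src 203.0.113.25
"""

def _after(fields, key):
    """Return the token following `key`, or None if the key is absent."""
    return fields[fields.index(key) + 1] if key in fields[:-1] else None

def parse_routes(text):
    """Parse `ip route show` lines into dicts (network, gateway, device)."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        try:
            net = ipaddress.ip_network(dest, strict=False)
        except ValueError:
            continue  # e.g. "unreachable ..." entries, not handled here
        routes.append({"net": net, "via": _after(fields, "via"),
                       "dev": _after(fields, "dev")})
    return routes

def route_exists(routes, cidr):
    """True if a route for exactly this prefix is present; adding it again
    with `ip route add` is what produces 'RTNETLINK answers: File exists'."""
    want = ipaddress.ip_network(cidr, strict=False)
    return any(r["net"] == want for r in routes)

def best_route(routes, ip):
    """Longest-prefix match for `ip` (metrics and policy rules are ignored)."""
    addr = ipaddress.ip_address(ip)
    hits = [r for r in routes if addr in r["net"]]
    return max(hits, key=lambda r: r["net"].prefixlen, default=None)

if __name__ == "__main__":
    routes = parse_routes(SAMPLE_ROUTES)
    peer_ip = "10.20.0.7"  # constructed private IP of a Droplet in the peer VPC
    r = best_route(routes, peer_ip)
    print("10.0.0.0/8 already present:", route_exists(routes, "10.0.0.0/8"))
    print(f"{peer_ip} -> {r['net']} via {r['via']} dev {r['dev']}")
```

To check a real Droplet, pass the text printed by `ip route show` to `parse_routes` in place of `SAMPLE_ROUTES`.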