I have an IPsec tunnel created between two AWS regions, using strongSwan. When one region's servers were restarted, strongSwan wasn't able to ping the private servers in the second region. It was working before. Is it a good idea to have an AWS resource (VPC peering) create the tunnel, so that I could solve this issue?
1 solution
#1
0
I think in general it's a better idea to use VPC peering instead of IPsec tunnels to connect multiple VPCs. VPC peering is managed by AWS and reduces your maintenance effort. You can only apply VPC peering between a few regions. See the blog post for more details.
See guide for further details: https://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide/Welcome.html
For connecting multiple regions with VPC peering see this blog post: https://aws.amazon.com/blogs/aws/new-almost-inter-region-vpc-peering/