Skip to main content

Use Hub Peering to Connect a Networking Hub to a Transit Gateway

Hub Peering enables connectivity between a Networking Hub and another network in AWS. The other network can be another Networking Hub, or a Transit Gateway not managed by Stax.

This article describes connecting a Stax-managed Networking Hub with a Transit Gateway not managed by Stax. For other connectivity options, see Networking Hub Peering.

Before You Begin

  • Estimated time to complete: 15 minutes

  • Ensure you are a member of the Admin role in your Stax tenancy

  • Make a note of the AWS Account ID and Transit Gateway ID, and Region of the target Transit Gateway to be peered with

Create Networking Hub Peering Connection

  1. Log in to the Stax console

  2. Choose Networks from the left-hand nav

  3. On the Networks page, choose your desired Networking Hub

  4. Select the Hub Peering tab and click + CreateScreen_Shot_2023-03-20_at_11.09.40_am.png

  5. Choose a Name for the peering connection, then select the Hub Peering Target. If the Transit Gateway is in a Stax-managed AWS account, choose Stax Account and Stax will automatically manage the peering request in both the Networking Hub and the target Transit Gateway. If the Transit Gateway is in an AWS account not managed by Stax, choose External.

  6. Enter the Destination AWS Transit Gateway ID and choose the Destination AWS Account. If using Stax Account peering, choose from the drop-down list. Otherwise, enter the AWS account number. Choose the appropriate Destination AWS Region, enter any tags then choose Create

  7. Screen_Shot_2023-03-20_at_11.26.56_am.png

  8. The Hub Peering page will now display the Hub Peering connection in the CREATING status

  9. Screen_Shot_2023-03-20_at_11.18.38_am.png

The connection will remain in the CREATING status until the creation completes. This typically takes around 15 minutes to complete. Once the connection has finished creating, its status will change to ACTIVE.

note

If you used the External Hub Peering method, see Accept External Hub Peering Request below.

Screen_Shot_2023-03-20_at_11.28.21_am.png

Accept External Hub Peering Request

If using the External method of Hub Peering, you must manually accept the Transit Gateway Attachment in the target AWS account.

mceclip0.png

  1. Log in to the AWS Console for the AWS account holding the target Transit Gateway

  2. Choose the correct region and navigate to the VPC Console

  3. From the left-hand nav, choose Transit Gateway Attachments under the TRANSIT GATEWAYS heading. The list of Transit Gateway Attachments will be displayed Screen_Shot_2022-03-29_at_12.20.17.png

  4. Review the properties of the Attachment then choose Actions and Accept transit gateway attachment to accept creation of the Attachment Screenshot_2022-03-29_at_12-22-09_Transit_gateway_attachments_VPC_Management_Console.png

  5. Once the Attachment state transitions from Pending to Available, return to Stax and choose Retry

When the Hub Peering connection transitions from PENDING_ACCEPTto ACTIVE, it is ready for use.

Configure Routing Between Networking Hubs

Once the Hub Peering connection is created, routing must be configured to permit traffic to flow between the Networking Hub and Transit Gateway. For the Networking Hub in the Hub Peering connection, create a prefix list with the following details:

ParameterValue
Prefix List typeNetworking Hub
NameEnter a suitable name for the Prefix List
Max Entries10 (or another appropriate value)
Entries - CIDR RangesEnter the target Transit Gateway's CIDR ranges you wish to reachable over the Hub Peering connection
Target typeHub Peering
Target nameChoose the Hub Peering connection created above

You must manually create the routes in the Transit Gateway that is not managed by Stax.