Use Hub Peering to Connect a Networking Hub to a Transit Gateway
Hub Peering enables connectivity between a Networking Hub and another network in AWS. The other network can be another Networking Hub, or a Transit Gateway not managed by Stax.
This article describes connecting a Stax-managed Networking Hub with a Transit Gateway not managed by Stax. For other connectivity options, see Networking Hub Peering.
Before You Begin
- Estimated time to complete: 15 minutes
- Ensure you are a member of the Admin role in your Stax tenancy
- Make a note of the AWS Account ID, Transit Gateway ID, and Region of the target Transit Gateway to be peered with
Create Networking Hub Peering Connection
- Log in to the Stax console
- Choose Networks from the left-hand nav
- On the Networks page, choose your desired Networking Hub
- Select the Hub Peering tab and click + Create
- Choose a Name for the peering connection, then select the Hub Peering Target. If the Transit Gateway is in a Stax-managed AWS account, choose Stax Account and Stax will automatically manage the peering request in both the Networking Hub and the target Transit Gateway. If the Transit Gateway is in an AWS account not managed by Stax, choose External.
- Enter the Destination AWS Transit Gateway ID and choose the Destination AWS Account. If using Stax Account peering, choose from the drop-down list. Otherwise, enter the AWS account number. Choose the appropriate Destination AWS Region, enter any tags, then choose Create.
- The Hub Peering page will now display the Hub Peering connection in the CREATING status
The connection will remain in the CREATING status until the creation completes. This typically takes around 15 minutes to complete. Once the connection has finished creating, its status will change to ACTIVE.
If you used the External Hub Peering method, see Accept External Hub Peering Request below.
Accept External Hub Peering Request
If using the External method of Hub Peering, you must manually accept the Transit Gateway Attachment in the target AWS account.
- Log in to the AWS Console for the AWS account holding the target Transit Gateway
- Choose the correct region and navigate to the VPC Console
- From the left-hand nav, choose Transit Gateway Attachments under the TRANSIT GATEWAYS heading. The list of Transit Gateway Attachments will be displayed
- Review the properties of the Attachment then choose Actions and Accept transit gateway attachment to accept creation of the Attachment
- Once the Attachment state transitions from Pending to Available, return to Stax and choose Retry
When the Hub Peering connection transitions from PENDING_ACCEPT to ACTIVE, it is ready for use.
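The "review the properties" step above can be scripted so that only the expected request is accepted. This is an added example, not Stax or AWS code: it assumes the Hub Peering request appears in the target account as a Transit Gateway peering attachment and that boto3 is used. The function names and every ID in the sample are constructed for illustration.

```python
import json

# Constructed sample shaped like describe-transit-gateway-peering-attachments
# output. Every ID and account number here is made up for illustration.
SAMPLE = json.loads("""
{"TransitGatewayPeeringAttachments": [
  {"TransitGatewayAttachmentId": "tgw-attach-0aaa1111bbbb2222c",
   "State": "pendingAcceptance",
   "RequesterTgwInfo": {"TransitGatewayId": "tgw-0123456789abcdef0",
                        "OwnerId": "111111111111", "Region": "ap-southeast-2"},
   "AccepterTgwInfo": {"TransitGatewayId": "tgw-0fedcba9876543210"}},
  {"TransitGatewayAttachmentId": "tgw-attach-0ddd3333eeee4444f",
   "State": "pendingAcceptance",
   "RequesterTgwInfo": {"TransitGatewayId": "tgw-0999999999999999a",
                        "OwnerId": "333333333333", "Region": "ap-southeast-2"},
   "AccepterTgwInfo": {"TransitGatewayId": "tgw-0fedcba9876543210"}}
]}
""")

def review_pending(response, expected_requester, local_tgw_id):
    """Split pending requests into (accept, reject) lists.

    expected_requester holds the TransitGatewayId, OwnerId and Region of the
    Networking Hub, recorded out of band before the request was created.
    """
    accept, reject = [], []
    for att in response.get("TransitGatewayPeeringAttachments", []):
        if att.get("State") != "pendingAcceptance":
            continue
        requester = att.get("RequesterTgwInfo", {})
        bad = [k for k, v in expected_requester.items() if requester.get(k) != v]
        if att.get("AccepterTgwInfo", {}).get("TransitGatewayId") != local_tgw_id:
            bad.append("AccepterTgwInfo.TransitGatewayId")
        if bad:
            reject.append((att["TransitGatewayAttachmentId"], bad))
        else:
            accept.append(att["TransitGatewayAttachmentId"])
    return accept, reject

def accept_verified(ec2, expected_requester, local_tgw_id):
    """Live use: `ec2` is a boto3 EC2 client in the target account and Region."""
    response = ec2.describe_transit_gateway_peering_attachments(
        Filters=[{"Name": "state", "Values": ["pendingAcceptance"]}])
    accept, reject = review_pending(response, expected_requester, local_tgw_id)
    for att_id in accept:
        ec2.accept_transit_gateway_peering_attachment(
            TransitGatewayAttachmentId=att_id)
    return accept, reject
```

Anything returned in the reject list is left pending for manual investigation rather than accepted.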
Configure Routing Between Networking Hubs
Once the Hub Peering connection is created, routing must be configured to permit traffic to flow between the Networking Hub and Transit Gateway. For the Networking Hub in the Hub Peering connection, create a prefix list with the following details:
Parameter | Value |
---|---|
Prefix List type | Networking Hub |
Name | Enter a suitable name for the Prefix List |
Max Entries | 10 (or another appropriate value) |
Entries - CIDR Ranges | Enter the target Transit Gateway's CIDR ranges you wish to be reachable over the Hub Peering connection |
Target type | Hub Peering |
Target name | Choose the Hub Peering connection created above |
You must manually create the routes in the Transit Gateway that is not managed by Stax.