How can you connect two Amazon VPCs through VPC peering if they are already configured with the network IPs?

Question

According to AWS documentation you can connect up to 50 VPC through VPC peering but you have to make sure there's not IP overlapping so my questions here are:

1. How can you come up with so many different local addresses. I don't think there are so many different classes of local Ips that you can use.

2. If you already have 2 vpc’s with their corresponding ip network configuration but they overlap, Do you now have to change the whole ip configuration of one of the vpc to enable vpc peering? What would happen to the whole configuration of the network (DHCP, DNS, routes, etc.)?

Answer 1

You can peer up to 125 VPCs if you ask AWS to raise your default limit. You're correct that you can't have overlapping IP ranges.

Some thoughts related to your questions

I'm designing an enterprise AWS system right now which could end up with dozens of accounts, dozens of VPCs, and many many peering connections. Many accounts gives you a more limited blast radius. I've seen enterprises with over 100 accounts. Some large enterprises apparently have thousands of accounts.

My overall structure will probably have a /19 network range, which is 8192 hosts, less AWS overheads. Each VPC will get the range it needs, perhaps as small as a /28 (16 IPs less AWS overheads = 11 IPs), some may get a /24 with 256 IPs (251 after reservations). VPCs can have their ranges enlarged now.

To answer your questions

1. A /16 block, which is the maximum size of a VPC, can have 65535 subnets. They're small subnets, of 1 IP, but you can do it. To be practical, you could still have thousands of subnets.

2. Yes, you would basically just recreate your VPC and all resources inside it to enable VPC peering. Ideally you'll use something like CloudFormation so you're doing infrastructure as code, to make it easier. There may be a way to generate a CloudFormation script from a VPC, you'll have to Google that. Don't expect it to be trivial.