How to Create a VPC Peering

A Virtual Private Cloud (VPC) is a private network interface for collections of DigitalOcean resources. VPC networks are inaccessible from the public internet and other VPC networks, and traffic on them doesn’t count against bandwidth usage. You can link VPC networks to each other using VPC peering connections.


VPC peering joins two VPC networks with a secure, private connection. This allows resources in those networks to connect to each other’s private IP addresses as if they were in the same network.

VPC peering is available across all regions and enables routing between any two VPC networks. The one exception is that peering between datacenters is not available in BLR1.

Peering works with the following resources:

  • Droplets
  • Managed Databases
    • All managed databases are compatible with VPC peering.
  • Managed Kubernetes (DOKS)
    • Worker nodes created after 2 October 2024 on a peered VPC network are configured for peering automatically. If you created the nodes before this date, or added your first peering connection after the nodes were created, recycle your worker nodes to add the new peering routes.

Create a VPC Peering Using the CLI

The VPC peering creation command requires you to provide two VPC network IDs for the --vpc-ids flag. Use the doctl vpcs list command to retrieve a list of your VPC networks and their IDs.

How to Create a VPC Peering Using the DigitalOcean CLI
  1. Install doctl, the DigitalOcean command-line tool.

  2. Create a personal access token and save it for use with doctl.

  3. Use the token to grant doctl access to your DigitalOcean account.

      doctl auth init

  4. Finally, run doctl vpcs peerings create. Basic usage looks like this, but you can read the usage docs for more details:

      doctl vpcs peerings create [flags]


    The following example creates a VPC Peering named example-peering-name:

      doctl vpcs peerings create example-peering-name --vpc-ids f81d4fae-7dec-11d0-a765-00a0c91e6bf6,3f900b61-30d7-40d8-9711-8c5d6264b268


Create a VPC Peering Using the API

The VPC peering creation call requires you to provide two VPC network IDs for the vpc_ids field. Use the /v2/vpcs endpoint to retrieve a list of your VPC networks and their IDs.

How to Create a VPC Peering Using the DigitalOcean API
  1. Create a personal access token and save it for use with the API.

  2. Send a POST request to https://api.digitalocean.com/v2/vpc_peerings

    Using cURL:

      curl -X POST \
        -H "Content-Type: application/json" \
        -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
        -d '{"name": "my-first-vpc-peering", "vpc_ids": [ "997615ce-132d-4bae-9270-9ee21b395e5d", "e51aed59-3bb1-4a6a-8de0-9d1329e9c997"]}' \
        "https://api.digitalocean.com/v2/vpc_peerings"
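
The same request wrapped with pre-flight checks, as an added example that is not part of DigitalOcean's documentation: it rejects malformed or duplicate VPC IDs before anything is sent, and passes the token to curl as a config line on stdin instead of on the command line. The function names and the name character restriction are assumptions of this example; the endpoint, the JSON fields and DIGITALOCEAN_TOKEN come from the steps above.

```shell
#!/bin/sh
# Added example: pre-flight checks and request for POST /v2/vpc_peerings.
# Function names are hypothetical; endpoint and JSON fields are from the page.

API_URL="https://api.digitalocean.com/v2/vpc_peerings"

# Succeeds only for a lowercase 8-4-4-4-12 hex UUID, the form the page's IDs take.
is_vpc_id() {
    [ "${#1}" -eq 36 ] || return 1
    printf '%s\n' "$1" | grep -Eq '^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$'
}

# Prints the JSON body for a peering, or fails with a message on stderr.
# Assumption of this example: names are limited to [A-Za-z0-9._-] so they can
# be placed in JSON without escaping; this is not a documented API rule.
peering_payload() {
    [ "$#" -eq 3 ] || { echo "usage: peering_payload NAME VPC_ID VPC_ID" >&2; return 2; }
    case $1 in
        ''|*[!A-Za-z0-9._-]*) echo "rejecting peering name" >&2; return 1 ;;
    esac
    is_vpc_id "$2" && is_vpc_id "$3" || { echo "malformed VPC ID" >&2; return 1; }
    [ "$2" != "$3" ] || { echo "the two VPC IDs must differ" >&2; return 1; }
    printf '{"name": "%s", "vpc_ids": ["%s", "%s"]}\n' "$1" "$2" "$3"
}

# Sends the request. The token reaches curl as a config line on stdin, so it
# is not part of curl's argument list as it would be with -H on the command line.
create_peering() {
    : "${DIGITALOCEAN_TOKEN:?export DIGITALOCEAN_TOKEN first}"
    body=$(peering_payload "$@") || return
    printf 'header = "Authorization: Bearer %s"\n' "$DIGITALOCEAN_TOKEN" |
        curl --fail --silent --show-error --config - -X POST \
            -H "Content-Type: application/json" -d "$body" "$API_URL"
}
```

Source the file, then run create_peering NAME VPC_ID VPC_ID; nothing is sent unless all three arguments pass the checks.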
                  

Create a VPC Peering Using the Control Panel

To create a VPC peering, click Networking in the main menu, then click the VPC tab. In the VPC tab, click Create a Peering Connection. The Create VPC Peering dialog pops up:

The VPC peering creation interface, showing some instructions, two dropdowns for selecting the two VPCs to peer, a textbox for naming the peering, and 'Cancel' and 'Create peering connection' buttons.

In the Create VPC Peering dialog, select a VPC network, and a second VPC network to peer it with. The VPC selection fields update to show matching VPCs as you type.

Create a name for the peering or use the default generated name, then click Create peering connection to finish.

View a VPC’s Peering Connections

To view a VPC network’s peering connections, click Networking in the main menu, then click the VPC tab. Peering connections are listed under the Connections column in the VPC Networks list.

You can also click on an individual VPC network to go to its details page, then click the Peering Connections tab. All active connections are listed, and you can click Create a Peering Connection to peer another network to this VPC.