Overlapping Private Address Spaces – AWS and On Premises
What happens if my on premises (data center) private address space overlaps with the private address space on AWS?
On the public cloud, private address space overlaps may occur for different use cases:
- Multiple AWS VPCs – each with the default 10.0.0.0/16 address space. That’s a common scenario – and it most commonly comes into play when you have multiple cloud VPCs (e.g. two peered VPCs on AWS).
- Your cloud hosted EC2 instances (or PaaS services) need to privately connect to a partner (or customer) IP address / range. You have no control over your partner’s private address space.
Network Address Translation (NAT) can be used to connect two networks with overlapping private address spaces. However:
- a) Not all networks perform automatic NAT.
- b) Even with NAT, you may end up with a scenario where you have the same private IP address on both sides of a VPN tunnel.
What about using 172.X.X.X on AWS and 10.X.X.X on premises?
Yes – that solves the private address space overlap issue. Since your CIDR blocks are totally different, there’s no potential overlap.
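As an added example (not part of the original post), the Python below checks an inventory of CIDR blocks for the overlaps described above, reports the exact address range that would be duplicated on both sides of a tunnel, and shows why ranges drawn from different RFC 1918 blocks (172.x vs 10.x) can never collide. The network names and ranges are a constructed sample.

```python
import ipaddress
from itertools import combinations

# RFC 1918 private blocks; ranges taken from different blocks can never overlap,
# which is why 172.x on AWS and 10.x on premises avoids the problem.
RFC1918 = [ipaddress.ip_network(b) for b in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample inventory (hypothetical names and ranges): two peered VPCs
# both left on the 10.0.0.0/16 default, an on-prem subnet, a partner range and
# a third VPC moved to 172.16.0.0/16.
NETWORKS = {
    "vpc-a": "10.0.0.0/16",
    "vpc-b": "10.0.0.0/16",
    "vpc-c": "172.16.0.0/16",
    "on-prem": "10.0.5.0/24",
    "partner": "192.168.10.0/24",
}


def rfc1918_block(cidr):
    """Return the RFC 1918 block (as a string) containing cidr, or None if it is not private."""
    net = ipaddress.ip_network(cidr)
    for block in RFC1918:
        if net.subnet_of(block):
            return str(block)
    return None


def find_overlaps(networks):
    """Return sorted (name_a, name_b) pairs whose CIDRs overlap and so need NAT or re-addressing."""
    parsed = {name: ipaddress.ip_network(cidr) for name, cidr in networks.items()}
    return [(a, b) for (a, na), (b, nb) in combinations(sorted(parsed.items()), 2)
            if na.overlaps(nb)]


def collision_range(cidr_a, cidr_b):
    """Addresses that would exist on both sides of a tunnel between two overlapping CIDRs.

    Two CIDR blocks that overlap are always nested, so the shared range is the
    more specific (longer-prefix) block. Returns None when they do not overlap.
    """
    na, nb = ipaddress.ip_network(cidr_a), ipaddress.ip_network(cidr_b)
    if not na.overlaps(nb):
        return None
    return str(max(na, nb, key=lambda n: n.prefixlen))


if __name__ == "__main__":
    for a, b in find_overlaps(NETWORKS):
        print(f"{a} ({NETWORKS[a]}) overlaps {b} ({NETWORKS[b]}): "
              f"duplicate addresses {collision_range(NETWORKS[a], NETWORKS[b])}")
```

Run it before peering VPCs or bringing up a VPN: any pair it prints will need NAT or a new CIDR, while ranges whose rfc1918_block values differ are safe to connect directly.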