{"id":4007,"date":"2020-09-01T18:02:45","date_gmt":"2020-09-01T12:32:45","guid":{"rendered":"https:\/\/opstree.com\/blog\/\/?p=4007"},"modified":"2025-11-20T18:44:15","modified_gmt":"2025-11-20T13:14:15","slug":"why-we-should-use-transit-direct-connect-gateways","status":"publish","type":"post","link":"https:\/\/opstree.com\/blog\/2020\/09\/01\/why-we-should-use-transit-direct-connect-gateways\/","title":{"rendered":"Why We Should Use Transit &amp; Direct Connect Gateways!"},"content":{"rendered":"\r\n<p><strong>A BIG THANK YOU TO TRANSIT AND DIRECT CONNECT GATEWAYS<\/strong><\/p>\r\n\r\n\r\n\r\n<p>In everyone\u2019s career path, there always comes a situation where we think that everything will work out fine and then, suddenly, out of the blue, we realize that a big issue is waiting to happen. We freak out about what we are gonna do before this issue knocks at our door... Right?\u00a0<\/p>\r\n\r\n\r\n\t<div class=\"wp-block-jetpack-gif aligncenter\">\n\t\t<figure>\n\t\t\t\t\t\t\t<div class=\"wp-block-jetpack-gif-wrapper\" style=\"padding-top:55%\">\n\t\t\t\t\t<iframe src=\"https:\/\/giphy.com\/embed\/3o7btPCcdNniyf0ArS\" title=\"confused\"><\/iframe>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/figure>\n\t<\/div>\n\t\r\n\r\n\r\n<p>Something similar happened to me some time ago, so let me cut to the chase. 
\ud83d\ude42<\/p>\r\n\r\n\r\n\r\n<p>I will explain the benefit of using Transit and Direct Connect gateways by telling you what issues we faced without them.<\/p>\r\n<p><!--more--><\/p>\r\n<p>\r\n\r\n<\/p>\r\n<p><strong>BEFORE THE METEOR-SIZED TROUBLE HIT US: <\/strong><\/p>\r\n<p>\r\n\r\n<\/p>\r\n<div class=\"wp-block-image is-style-default\">\r\n<figure class=\"alignleft size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-4020\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2020\/08\/previous_diagram.jpg\" alt=\"\" width=\"600\" height=\"293\" \/>\r\n<figcaption>Previous implementation<\/figcaption>\r\n<\/figure>\r\n<\/div>\r\n<p>\r\n\r\n<\/p>\r\n<p>We were managing about 40+ AWS accounts along with inter-connectivity between them and our on-premises network.<\/p>\r\n<p>\r\n\r\n<\/p>\r\n<p>At the very beginning of the project, AWS offered only a single solution for <strong>AWS-to-AWS <\/strong>and <strong>on-premises-to-AWS<\/strong> connectivity: connecting every single <strong>VPC <\/strong>to an<strong> AWS Virtual Interface (VIF) <\/strong>via an <strong>AWS Virtual Private Gateway<\/strong>, as shown in the diagram above.<\/p>\r\n<p>\r\n\r\n<\/p>\r\n<p>This solution served our <a href=\"https:\/\/opstree.com\/blog\/2025\/10\/25\/cloud-data-storage-for-big-data\/\">cloud platform<\/a> well for a number of years <strong>UNTIL<\/strong> &#8230;&#8230;&#8230;&#8230;&#8230;&#8230;..<\/p>\r\n<p>\r\n\r\n\t<div class=\"wp-block-jetpack-gif aligncenter\">\n\t\t<figure>\n\t\t\t\t\t\t\t<div class=\"wp-block-jetpack-gif-wrapper\" style=\"padding-top:56%\">\n\t\t\t\t\t<iframe src=\"https:\/\/giphy.com\/embed\/fxgZd3OYNKGDpMTaiP\" title=\"knock\"><\/iframe>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/figure>\n\t<\/div>\n\t\r\n\r\n<\/p>\r\n<p><strong> THAT BIG TROUBLE KNOCKED AT MY DOOR<\/strong> \ud83d\ude41<\/p>\r\n<p>\r\n\r\n<\/p>\r\n<ol>\r\n<li>We were getting frequent requests for new AWS accounts 
... which means more <strong>VPCs<\/strong> and more <strong>VIFs<\/strong>.\u00a0<\/li>\r\n<li>The existing solution was limited to a maximum of <strong>50 VIFs<\/strong> <strong>per Direct Connect connection<\/strong>, which means we could attach only <strong>50 VPCs per Direct Connect connection<\/strong>.<\/li>\r\n<li>Adding more physical Direct Connect connections is <strong>time-consuming<\/strong>, nearly impossible to automate, and <strong>expensive<\/strong>.\u00a0<\/li>\r\n<li>And because of the increasing number of <strong>VPCs<\/strong>, we were about to run out of available <strong>VIFs<\/strong>. <strong>THAT WILL LEAD TO NO MORE CONNECTION BETWEEN NEW VPCs AND ON PREMISES<\/strong> <strong>AND THAT&#8217;S NOT ACCEPTABLE. <\/strong><\/li>\r\n<\/ol>\r\n<p>\r\n\r\n<\/p>\r\n<p><strong>AND HERE COME OUR SAVIOURS:\u00a0<\/strong><\/p>\r\n<p>\r\n\r\n\t<div class=\"wp-block-jetpack-gif aligncenter\">\n\t\t<figure>\n\t\t\t\t\t\t\t<div class=\"wp-block-jetpack-gif-wrapper\" style=\"padding-top:100%\">\n\t\t\t\t\t<iframe src=\"https:\/\/giphy.com\/embed\/26BkNMC6A42Oan3nW\" title=\"savior\"><\/iframe>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t<figcaption class=\"wp-block-jetpack-gif-caption gallery-caption\">AWS GATEWAYS<\/figcaption>\n\t\t\t\t\t<\/figure>\n\t<\/div>\n\t\r\n\r\n<\/p>\r\n<p><strong>DIRECT CONNECT GATEWAY (DCGW):\u00a0<\/strong><\/p>\r\n<p>\r\n\r\n<\/p>\r\n<p><strong>DCGW <\/strong>enables a <strong>single VIF<\/strong> to be connected to up to <strong>10 VPCs<\/strong> through DCGW associations. This instantly increases capacity tenfold, as before we could attach only 1 VPC to 1 VIF. <strong>YIPPPEEEE<\/strong>\u00a0&#8230;.. 
\ud83d\ude42<\/p>\r\n<p>\r\n\r\n<\/p>\r\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-4045\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2020\/09\/oie_e4ervrg46erw.jpg?w=840\" alt=\"\" width=\"600\" height=\"315\" \/><\/figure>\r\n<p>\r\n\r\n<\/p>\r\n<p>&nbsp;<\/p>\r\n<p>\r\n\r\n<\/p>\r\n<p><strong>BUT BUT BUT <\/strong>\u2026 There is one downside: it&#8217;s not transitive in nature, i.e. two VPCs connected to the same DCGW will not be able to communicate with each other.\u00a0<\/p>\r\n<p>\r\n\r\n<\/p>\r\n<p>One more issue, right? \ud83d\ude41 \u2026 This is where our second saviour comes in \ud83d\ude42<\/p>\r\n<p>\r\n\r\n<\/p>\r\n<p><strong>TRANSIT GATEWAY\u00a0(TGW)<\/strong><\/p>\r\n<p>\r\n\r\n<\/p>\r\n<p><a href=\"https:\/\/aws.amazon.com\/transit-gateway\/\" target=\"_blank\" rel=\"noopener\"><strong>Transit Gateway<\/strong><\/a> addressed the <strong>DCGW<\/strong>\u2019s lack of transitivity for inter-VPC communication, as VPCs could also be attached to <strong>TGWs <\/strong>in the hub\/spoke model. 
The result is that VPCs can intercommunicate as long as they are connected to the same <strong>TGW<\/strong>, and can also connect back to the on-premises network if connected to DCGW.\u00a0<\/p>\r\n<p>\r\n\r\n<\/p>\r\n<p>So the final implementation looks something like this:<\/p>\r\n<p>\r\n\r\n<\/p>\r\n<div class=\"wp-block-image\">\r\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-4022\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2020\/08\/final_diagram-1-1.jpg?w=840\" alt=\"\" width=\"600\" height=\"436\" \/>\r\n<figcaption><br \/>Setup after migrating to TGW and DCGW<\/figcaption>\r\n<\/figure>\r\n<\/div>\r\n<p>\r\n\r\n<\/p>\r\n<p><strong>LET&#8217;S SEE THE AFTERMATH NOW:<\/strong><\/p>\r\n<p>\r\n\r\n<\/p>\r\n<p><strong>Direct Connect Gateway allows us to attach 10 VPCs to a single VIF.<\/strong><\/p>\r\n<p>\r\n\r\n<\/p>\r\n<div class=\"wp-block-image\">\r\n<figure class=\"aligncenter size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-4047\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2020\/09\/dcgw.jpg?w=840\" alt=\"\" width=\"600\" height=\"174\" \/><\/figure>\r\n<\/div>\r\n<p><\/p>\r\n<div class=\"wp-block-group\">\r\n<div class=\"wp-block-group__inner-container\">\u00a0<\/div>\r\n<\/div>\r\n<p><\/p>\r\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container\">\r\n<div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\r\n<p><strong>Transit Gateway allows VPCs to intercommunicate as long as they are connected to the same TGW.<\/strong><\/p>\r\n\r\n\r\n\r\n<div class=\"wp-block-image\">\r\n<figure class=\"aligncenter size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-4049\" src=\"https:\/\/opstree.com\/blog\/\/wp-content\/uploads\/2020\/09\/tgw.jpg?w=840\" alt=\"\" width=\"600\" height=\"106\" 
\/><\/figure>\r\n<\/div>\r\n\r\n\r\n\r\n<p>&nbsp;<\/p>\r\n\r\n\r\n\r\n<p>Only because of <strong>TGW<\/strong> and <strong>DCGW<\/strong>, we are now managing about <strong>90<\/strong>+ AWS accounts, up from about <strong>40<\/strong> before. \ud83d\ude42<\/p>\r\n<p>So I hope you now have some idea of what issues Transit and Direct Connect gateways can solve.\u00a0\ud83d\ude42<\/p>\r\n<p>Thanks for reading, I\u2019d really appreciate the feedback. So, please leave your comment below if you guys have any queries related to this blog.<\/p>\r\n<p><strong>Related Searches &#8211; <a href=\"https:\/\/opstree.com\/aws-consulting-services\/\" target=\"_blank\" rel=\"noopener\">AWS Consulting Services<\/a> | <a href=\"https:\/\/opstree.com\/services\/cloud-engineering-services\/\" target=\"_blank\" rel=\"noopener\">Cloud Engineering Services<\/a>\u00a0<\/strong><\/p>\r\n\r\n\r\n<\/div>\r\n<\/div><\/div>\r\n<p><\/p>\r\n","protected":false},"excerpt":{"rendered":"<p>A BIG THANK YOU TO TRANSIT AND DIRECT CONNECT GATEWAYS In everyone\u2019s career path, this particular situation always comes when we think that everything will work out fine when, suddenly, out of the blue, we realize that a big issue is waiting to happen. 
We freak out about what are we gonna do before this &hellip; <a href=\"https:\/\/opstree.com\/blog\/2020\/09\/01\/why-we-should-use-transit-direct-connect-gateways\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Why We Should Use Transit &amp; Direct Connect Gateways!&#8221;<\/span><\/a><\/p>\n","protected":false},"author":192214992,"featured_media":29900,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[28070474],"tags":[768739294,704487337,69816,704487336],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/opstree.com\/blog\/wp-content\/uploads\/2025\/11\/DevSecOps-1.jpg","jetpack_likes_enabled":true,"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pfDBOm-12D","jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts\/4007"}],"collection":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/users\/192214992"}],"replies":[{"embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/comments?post=4007"}],"version-history":[{"count":28,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts\/4007\/re
visions"}],"predecessor-version":[{"id":29964,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/posts\/4007\/revisions\/29964"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/media\/29900"}],"wp:attachment":[{"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/media?parent=4007"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/categories?post=4007"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/opstree.com\/blog\/wp-json\/wp\/v2\/tags?post=4007"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}