It is good to know about the AWS network limits both for planning and troubleshooting: you can build your architecture to allow you to overcome these limits and it saves you time of troubleshooting when there is a failure or downtime in your network.
For example, an AWS VGW carries a hard limit of 100 BGP routes in total. When the BGP prefixes exceed 100, VGW randomly resets the BGP session, leading to unpredictable potential network downtime.
AWS publishes VPC limits at this link.
In addition to limits, there are limitations in functionality.
Below is a list of commonly asked limits and limitations by network engineers.
| Functions | Limits Comm | ents |
|---|---|---|
| VPC Peering Limit per VPC | 125 | default limit is 50. Constrained also by route limit of 100 |
| VPC Route entries in a route table | 100 | default is 50. Performance impact on 100 routes. |
| BGP prefix total on VGW | 100 | exceeding the limit results in random BGP resets |
VGW instance size scaling DNAT function in VGW SNAT function in VGW NAT Gateway policies VPN connections per VPC |
reset BGP not available not available not available 10 |
trigger a BGP downtime |
VPN traffic initiation VIF per Direct Connect |
from on-prem 50 |
traffic must be initiated from on-prem to establish a VPN tunnel with VGW |
| Inter region peering MTU size | 1500 bytes | unlike intra region peering, there is no jumbo frame support, therefore inter region performance is maxed out at 5Gbps. |
| Outgoing SMTP traffic on port 25 | throttled | you can send a request to lift the throttle. |