AWS Network Limits and Limitations

It is good to know the AWS network limits, both for planning and for troubleshooting: you can design your architecture to work around these limits, and knowing them saves troubleshooting time when there is a failure or downtime in your network.

For example, an AWS VGW carries a hard limit of 100 BGP routes in total. When the number of BGP prefixes exceeds 100, the VGW randomly resets the BGP session, leading to unpredictable network downtime.

AWS publishes VPC limits at this link.

In addition to limits, there are limitations in functionality.

Below is a list of the limits and limitations that network engineers most commonly ask about.

| Function | Limit | Comments |
|---|---|---|
| VPC peering connections per VPC | 125 | Default limit is 50. Also constrained by the route-table limit of 100 entries. |
| Route entries per VPC route table | 100 | Default is 50. Performance impact at 100 routes. |
| Total BGP prefixes on a VGW | 100 | Exceeding the limit results in random BGP resets. |
| VGW instance size scaling | BGP reset | Scaling the VGW resets BGP and triggers BGP downtime. |
| DNAT function in VGW | Not available | |
| SNAT function in VGW | Not available | |
| NAT Gateway policies | Not available | |
| VPN connections per VPC | 10 | |
| VPN traffic initiation | From on-prem | Traffic must be initiated from on-prem to establish a VPN tunnel with the VGW. |
| VIFs per Direct Connect | 50 | |
| Inter-region peering MTU | 1500 bytes | Unlike intra-region peering, there is no jumbo frame support, so inter-region throughput is capped at 5 Gbps. |
| Outgoing SMTP traffic on port 25 | Throttled | You can send a request to lift the throttle. |
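Because the route-table and VGW prefix limits above fail noisily (BGP resets, routes that cannot be added), it is worth checking them before they are hit. The following is an added example, not code from the original article: it takes a route table in the shape returned by `aws ec2 describe-route-tables` (the sample here is constructed inline so it runs offline) plus a list of prefixes received over BGP, and reports which of the limits in the table above are exceeded or close to being exceeded.

```python
"""Capacity check against the AWS network limits listed above (added example)."""

ROUTE_HARD_LIMIT = 100       # hard limit on entries per route table
ROUTE_DEFAULT_QUOTA = 50     # default quota, can be raised to 100
PEERING_LIMIT = 125          # max peering connections per VPC (raised quota)
VGW_BGP_PREFIX_LIMIT = 100   # exceeding this causes random BGP session resets


def check_route_table(route_table, quota=ROUTE_DEFAULT_QUOTA):
    """Return a list of findings for one route table (empty list means OK).

    Each VPC peering needs at least one route, so the number of usable
    peerings is bounded by the route-table limit, not only by PEERING_LIMIT.
    """
    rtb = route_table["RouteTableId"]
    routes = route_table["Routes"]
    peerings = {r["VpcPeeringConnectionId"] for r in routes
                if "VpcPeeringConnectionId" in r}
    findings = []
    n = len(routes)
    if n > ROUTE_HARD_LIMIT:
        findings.append(f"{rtb}: {n} routes exceeds hard limit {ROUTE_HARD_LIMIT}")
    elif n > quota:
        findings.append(f"{rtb}: {n} routes exceeds current quota {quota}")
    elif n > int(quota * 0.8):
        findings.append(f"{rtb}: {n} routes is above 80% of quota {quota}")
    if len(peerings) > PEERING_LIMIT:
        findings.append(f"{rtb}: {len(peerings)} peerings exceeds {PEERING_LIMIT}")
    return findings


def check_vgw_prefixes(prefixes):
    """Return (distinct prefix count, within_limit) for prefixes a VGW receives."""
    n = len(set(prefixes))
    return n, n <= VGW_BGP_PREFIX_LIMIT


# Constructed sample: one local route plus 55 peering routes (56 entries),
# which is over the default quota of 50 but under the hard limit of 100.
SAMPLE_ROUTE_TABLE = {
    "RouteTableId": "rtb-example",
    "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]
    + [{"DestinationCidrBlock": f"10.{i}.0.0/16",
        "VpcPeeringConnectionId": f"pcx-{i:04x}"} for i in range(1, 56)],
}
# Constructed sample: 101 on-prem prefixes, one over the VGW limit.
SAMPLE_PREFIXES = [f"192.168.{i}.0/24" for i in range(101)]

if __name__ == "__main__":
    for finding in check_route_table(SAMPLE_ROUTE_TABLE):
        print(finding)
    print(check_vgw_prefixes(SAMPLE_PREFIXES))
```

With the default quota the sample route table produces one finding (56 routes over quota 50); passing `quota=100` clears it, and the 101-prefix sample reports the VGW as over its BGP limit.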