AWS Network Limits and Limitations
It is good to know the AWS network limits, both for planning and for troubleshooting: you can design your architecture so that it works around these limits, and knowing them saves troubleshooting time when there is a failure or downtime in your network.
For example, an AWS VGW carries a hard limit of 100 BGP routes in total. When the BGP prefixes exceed 100, the VGW randomly resets the BGP session, leading to unpredictable network downtime.
AWS publishes VPC limits at this link.
In addition to limits, there are limitations in functionality.
Below is a list of limits and limitations that network engineers commonly ask about.
| Item | Limit / availability | Notes |
|---|---|---|
| VPC peering limit per VPC | 125 | Default limit is 50. Also constrained by the route limit of 100. |
| VPC route entries in a route table | 100 | Default is 50. Performance impact at 100 routes. |
| BGP prefix total on VGW | 100 | Exceeding the limit results in random BGP resets. |
| VGW instance size scaling | Resets BGP | Triggers BGP downtime. |
| DNAT function in VGW | Not available | |
| SNAT function in VGW | Not available | |
| NAT Gateway policies | Not available | |
| VPN connections per VPC | 10 | |
| VPN traffic initiation | From on-prem | Traffic must be initiated from on-prem to establish the VPN tunnel with the VGW. |
| DXGW cross accounts | Not available | |
| VIF per Direct Connect | 50 | |
| NLB for UDP traffic | Not available | |
| Outgoing SMTP traffic on port 25 | Throttled | You can send a request to lift the throttle. |
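Two of the limits above (100 routes per route table, 100 BGP prefixes on a VGW) are the ones that cause surprise outages rather than a clean API error, so they are worth checking proactively. The following is an added example, not code from the original page or from AWS: an offline check that takes data shaped like the boto3 `describe_route_tables` response plus a per-VGW set of received BGP prefixes, and flags resources that are approaching or over the limits listed in the table. The sample data, the 80 % warning threshold, the VGW IDs and the assumption that the VGW prefix limit is counted over the unique prefixes received across all of a VGW's VPN connections are all constructed for this example.

```python
"""Offline capacity check against the AWS network limits listed above.

Added example: the data below is constructed, and the limits are taken
from the table on this page, not queried from AWS.
"""
import ipaddress
from dataclasses import dataclass

ROUTE_TABLE_LIMIT = 100      # max route entries per route table (from the table above)
VGW_BGP_PREFIX_LIMIT = 100   # max BGP prefixes on a VGW (from the table above)
WARN_RATIO = 0.8             # assumption: warn at 80 % of a limit


@dataclass
class Finding:
    resource: str
    count: int
    limit: int
    severity: str  # "ok", "warn" or "over"


def classify(count: int, limit: int, warn_ratio: float = WARN_RATIO) -> str:
    """Map a usage count onto ok / warn / over relative to a limit."""
    if count > limit:
        return "over"
    if count >= int(limit * warn_ratio):
        return "warn"
    return "ok"


def check_route_tables(describe_output: dict, limit: int = ROUTE_TABLE_LIMIT) -> list[Finding]:
    """Count routes per table in a describe_route_tables-shaped dict.

    Every entry in "Routes" counts, including the implicit "local" route
    and any routes propagated from a VGW, since all of them occupy a slot.
    """
    findings = []
    for table in describe_output.get("RouteTables", []):
        routes = table.get("Routes", [])
        for route in routes:
            # Sanity check: malformed CIDRs would be rejected by AWS anyway.
            if "DestinationCidrBlock" in route:
                ipaddress.ip_network(route["DestinationCidrBlock"])
        findings.append(Finding(table["RouteTableId"], len(routes), limit,
                                classify(len(routes), limit)))
    return findings


def check_vgw_prefixes(prefixes_by_vgw: dict[str, set[str]],
                       limit: int = VGW_BGP_PREFIX_LIMIT) -> list[Finding]:
    """Count unique BGP prefixes received per VGW (assumption: counted across
    all VPN connections attached to that VGW)."""
    return [Finding(vgw, len(prefixes), limit, classify(len(prefixes), limit))
            for vgw, prefixes in prefixes_by_vgw.items()]


def run_checks(describe_output: dict, prefixes_by_vgw: dict[str, set[str]]) -> list[Finding]:
    """Return only the findings that need attention (warn or over)."""
    findings = check_route_tables(describe_output) + check_vgw_prefixes(prefixes_by_vgw)
    return [f for f in findings if f.severity != "ok"]


# Constructed sample data mimicking the shape of boto3 describe_route_tables output.
SAMPLE_ROUTE_TABLES = {
    "RouteTables": [
        {"RouteTableId": "rtb-0a1",  # 85 routes: approaching the limit
         "Routes": [{"DestinationCidrBlock": f"10.{i}.0.0/16", "GatewayId": "vgw-0aaa"}
                    for i in range(85)]},
        {"RouteTableId": "rtb-0b2",  # 2 routes: fine
         "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                    {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0ccc"}]},
        {"RouteTableId": "rtb-0c3",  # 101 routes: over the limit
         "Routes": [{"DestinationCidrBlock": f"172.{16 + i // 256}.{i % 256}.0/24",
                     "GatewayId": "vgw-0aaa"} for i in range(101)]},
    ]
}

# Constructed sample: unique prefixes each VGW has learned over BGP.
SAMPLE_VGW_PREFIXES = {
    "vgw-0aaa": {f"192.168.{i}.0/24" for i in range(101)},  # over: would trigger BGP resets
    "vgw-0bbb": {"172.16.0.0/12"},                          # fine
}

if __name__ == "__main__":
    for finding in run_checks(SAMPLE_ROUTE_TABLES, SAMPLE_VGW_PREFIXES):
        print(f"{finding.severity.upper():5} {finding.resource}: "
              f"{finding.count}/{finding.limit}")
```

In a live environment the `SAMPLE_ROUTE_TABLES` dict would be replaced by the real `describe_route_tables()` response and the prefix sets by whatever your monitoring already collects from the VPN connections; the check itself needs no AWS credentials, which makes it easy to run in CI against exported inventory.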