I basically have no clue.

I thought one would have a node two VPC, e.g. app and database, so it can speak to both, but the load balancers can't.

With peering one would have an app VPC and a database VPC and peer them?

In AWS you use a mix of private and public subnets within a single VPC.

Not sure best practice for DO since I haven't tried their VPC setup but it doesn't appear to have a way to let two VPCs interact yet.

Interesting, didn’t know that about AWS. In more familiar with the Google cloud version of VPC. Seems the DO implementation is more like the AWS version

For what it's worth VPC ranges are allowed to overlap in GCP -- and do by default -- but then you aren't able to peer them. I kind of prefer the DO/AWS constraint.

Agreed, having paid the cost of a few VPC moves to separate ranges on AWS in order to gain peering.

No such constraint in AWS.

I misremembered. Thanks for the clarification.

Heh, no worries -- mostly the same deal there:

- You can do it, but it's probably not a great idea if you need to do VPC peering (or attach multiple VPCs to one VM, see next).

- Does actually work, but it does not work if the VPCs you're trying to attach to a single VM have overlapping CIDRs.

- Same deal, almost. You cannot add or remove network interfaces from an existing VM.

you cannot peer 2 vpcs that have an overlap but you can have multiple vpcs that have overlaps. it only matters for the 2 vpcs you want to peer

But AWS tells you to not overlap them, and likely keeps that behavior for legacy reasons.

I could have missed it, but I've never seen a suggestion not to overlap network addresses unless you want to peer them.

If you're launching ephemeral networks for testing VMs / virtual appliances in their own, isolated networks, it can be totally feasible to have lots of them using the same addresses. You can only create 5 VPCs (at all) by default per AWS account, but they'll raise that limit for you if you request it.