Create a Networking Hub

Create a Networking Hub to centrally manage the traffic and connectivity between AWS resources, AWS VPCs, and external resources.

Article Tags
On This Page
Before You BeginGet StartedProvide Networking Hub DetailsChoose Interface VPC EndpointsChoose Gateway VPC EndpointsAdd CIDR Range Exclusions and Hub tagsCreate Your Networking HubView Your Networking HubSee also

The Stax Networking Hub forms the basis of a Stax Network and is the first step to establishing any connections. The Hub centrally manages the traffic and connectivity between AWS resources, AWS VPCs and external resources. By creating a Stax Networking Hub, you will be deploying the below resources:

  • AWS Transit Gateway: A dedicated gateway for connecting your VPCs, on-premises data centers and other distributed networks.
  • Transit VPC: A Stax built and managed VPC that provides centralized outbound access/egress to the internet with preconfigured secure routes.
  • Private Hosted Zones: An AWS Route53 hosted zone enabling Interface VPC Endpoints attached to the Stax Transit VPC to be shared across all VPCs within a Networking Hub.

Should you need internet access, you can choose to also deploy:

  • AWS NAT Gateway: A gateway that allows resources in the private subnet of the Stax Transit VPC to connect to the internet or other AWS resources.
  • Internet Gateway: A VPC component that allows communication between your VPC and the internet.

Before You Begin

  • Estimated time to complete: 15-20 minutes
  • Ensure you are a member of the Admin role
  • Ideally, you would have an intermediate/advanced understanding of networking or have spoken to your networks administrator about making these changes
  • It would be good to have an intermediate understanding of AWS

You will need to have:

Optional:

  • Decide on an Autonomous System Number (ASN) you want to use. If left blank, Stax will set a default for you. This cannot be changed later.
  • Decide on a Private Hosted Zone (PHZ) Suffix you want to use. This can be added later but once set, you cannot change it.
  • Decide if your network requires internet access.
  • Decide on the AWS Interface VPC Endpoints you want to attach to your Transit VPC (See Which VPC Endpoints should I enable?).
  • Decide on any CIDR Range Exclusions that you want to reserve to avoid conflicts with already utilized network addresses.

Get Started

  1. Log in to Stax Customer Console

  2. Select Networks in the left-hand nav pane

    Networks Menu Item

  3. If this is your first Networking Hub, select Get started. Otherwise, select + Create Networking Hub

    Create Networking Hub Button

Provide Networking Hub Details

The Create Networking Hub wizard walks you through the requirements to create your networking hub.

FieldContentsExample
Networking Hub nameProvide a name for your Networking Hubprod-apse2
DescriptionProvide a readable description of your Networking HubProduction Networking Hub in ap-southeast-2
CIDR Range nameProvide a name for the first CIDR Range in the Networking Hubprod-apse2-cidr
CIDR RangeProvide the first CIDR range for the Networking Hub to utilise10.100.0.0/16
AccountChoose the account the Networking Hub should be deployed intonetwork-prod
RegionChoose the region the Networking Hub and its associated VPCs should be deployed intoAsia Pacific (Sydney)
ASNIf you need to specify a custom ASN, enter it here54321
PHZ SuffixThis is the internally-resolvable private hosted zone/domain name for your VPCs and cannot be changed later. While this domain does not need to be publicly resolvable, and should not be in use elsewhere, Stax recommends using a domain you own to prevent complications in futuremycompany.cloud

If you require a NAT Gateway and/or Internet Gateway, select the appropriate check boxes. You can change this setting later from within your Transit VPC's details drawer.

NAT and Internet Gateway Check Boxes

VPN Equal Cost Multi-Path (ECMP) support is enabled by default. This routing protocol allows your Stax Transit Gateway to utilize ECMP when routing traffic over multiple VPNs. You cannot change this setting later, so ensure you make the appropriate choice based on your routing requirements.

ECMP Support Check Boxes

If you require Transit VPC endpoints, choose Configure Now from the Configure endpoints for Interface and Transit VPCs section.

Configure endpoints for Interface and Transit VPCs

Select Continue to proceed to the next page.

Choose Interface VPC Endpoints

If you chose to configure any Interface VPC Endpoints, you'll be presented with the Interface VPC endpoints page. Enable the appropriate endpoints in the list, then select Continue.

Choose Interface VPC Endpoints

Choose Gateway VPC Endpoints

If you need to configure any Gateway VPC Endpoints, you can do so when creating the Networking Hub. Changing your selection later is possible by Editing your Transit VPC.

Select Continue after making your selection.

Choose Gateway VPC Endpoints

Add CIDR Range Exclusions and Hub tags

If there are any CIDR ranges within the Networking Hub CIDR range that you wish to exclude from provisioning because of existing/future user, you can do so by adding a CIDR exclusion.

Create a CIDR Exclusion

Additionally, you can add tags to your Networking Hub, Transit VPC, and Transit Gateway.

Add Networking Hub tags

Create Your Networking Hub

Once you've completed all the details above, select Create to commence the creation of the Networking Hub. View the progress of your Hub creation on the Hub's main page or select the drawer icon on the top right of the page to open the Hub details drawer.

View Your Networking Hub

Once your networking resources have been deployed, your Networking Hub will be available on the Networks page. Select your Networking Hub to view your Hub's CIDR Ranges, VPCs and Exclusions. For further details about your Networking Hub, click the vertical ellipsis (⋮) on the top right of the Networking Hub

View Networking Hubs

See also