Troubleshooting CloudHub 2.0 Outbound Private Link Connectivity Issues

公開日: Apr 20, 2026

説明

After the private link is created and shows status: available, connectivity tests from the CH2.0 application (or net-tools socket tests) return timeout errors. The VPC Endpoint Service security group has been configured to allow the Private Space CIDR, yet the connection still fails.

解決策

Traffic from CH2.0 applications originates from the Pod Network CIDR 100.64.0.0/16, not the Private Space primary CIDR.

Allow the Pod Network CIDR 100.64.0.0/16 in the Security Group of the VPC Endpoint Service (customer AWS account).

Additional Fix: Enable Cross-Zone Load Balancing on NLB

If the VPC Endpoint Service uses an AWS Network Load Balancer, enable cross-zone load balancing. Without it, traffic from some Availability Zones may not reach targets and may cause intermittent timeouts.

その他のリソース

Key Limitations to Be Aware Of

Outbound connections have a contractual limit of 56.48 GB of data transferred per root organization per hour.
Only Interface VPC Endpoints are supported. This applies to PrivateLink to AWS services or to a VPC endpoint service behind a load balancer.
Maximum VPC endpoints per private space: 20.
This feature supports only one-directional outbound traffic. For inbound traffic from AWS to the Private Space, use Transit Gateway or Anypoint VPN.

ナレッジ記事番号

005318896

この記事で問題は解決されましたか?

ご意見をお待ちしております。

Troubleshooting CloudHub 2.0 Outbound Private Link Connectivity Issues

Additional Fix: Enable Cross-Zone Load Balancing on NLB

Key Limitations to Be Aware Of

General Information

Required Cookies

Functional Cookies

Advertising Cookies

General Information

Required Cookies

Functional Cookies

Advertising Cookies

Cookie List