AWS Networking Contd
- The Network Diagram of VPC
- Now lets create an ec2 instance in the subnet1
- Generally when we try to use cidr notations for restricting or specifying range of ip addresses
100.100.100.0/24
=> Network Id: 100.100.100
=> if we use this in security groups or nacls down the line it represents all the ip addresses from 100.100.100.0 - 100.100.100.255
100.100.0.0/16 => 100.100.0.0 to 100.100.255.255
0.0.0.0/0 => 0.0.0.0 to 255.255.255.255 => all ip addresses
17.18.19.20/32 => 17.18.19.20
- When we deal with Security groups or NACLs
- IP Range => CIDR Notation
- Protocol =>
- TCP
- UDP
- ICMP
- Port =>
- ssh works on 22 port on TCP
- http works on 80 port on TCP
- RDP works on 3389 port on TCP
- Incoming Packets (Ingress/Inbound) or Outgoing packets (Egress/Outbound)
- Now Let me create a security in our vpc which allows all traffic from 19.20.21.22
- i.e all protocols, all ports from 19.20.21.22/32 (inbound)
- allow SSH (tcp 22) from anywhere
- By default aws security group enables all outgoing traffic
- Create a security group
- Exercise: Create a Security group in your vpc which
- opens all the traffic from with in vpc
- http port (tcp port 80) from anywhere
- ssh port (tcp port 22) from anywhere
- tcp port 8080 from anywhere
- AWS will not allow any connections from internet by default, for this we need to learn about internet gateways and also Route tables.
