NAT overview
- NAT enables internet connectivity by address translations
- In AWS, to provide internet access to private subnets, we need to use NAT.
- There are two ways of using NAT in AWS
- NAT instance:
- An ec2 instance with NAT server in it
- NAT Gateway:
- NAT as a service by AWS
- NAT instance:
- NAT should be present in public subnet and router to the private subnets should have a route to the NAT and NAT should have a public ip (Elastic IP)
- Create a NAT Gateway
- Login into public ec2 and connect to private
Egress only Internet Gateway
- If all your subnets are private and if they need internet access, then we can use egress-only internet gateway
Multiple VPCs
- Consider a scenario where we create two vpcs in two regions
- The only way for establishing connection is using public ip address
- To solve these kind of issues we have vpn (Virtual Private Networks) to be very specific Site to Site VPN
- AWS has peering connection facility to connect vpcs.
- Rules for connecting are there should not be overlapping cidr ranges
- Peering Connections
- Create a peering connection from any vpc to other
- Accept the peering request
- Now modify route tables to forward the request to pco when you have access other vpc’s cidr rnage
- Do the same stuff in other region vpc
- Create a peering connection from any vpc to other
