Route Tables
- Route tables act as router.
- By default we will a have default route table.
- Subnets can be associated with route table, if not associated then default route table will be used for routing
- When we are using any ranges in security groups or NACL or Route tables restrictions can be applied on basis of network id
- Specific Ranges
- Any Ip Address
- Specific IP Address
# Specific Range
10.0.0.0/16 => 10.0.x.x
# Any IP
0.0.0.0/0 => x.x.x.x
# Specific IP
100.100.100.100/32
- Default Routes in Route table: All the communication within vpc is routable
- Connection to Internet gateway
- Lets add a route to forward packets to internet gateway
- For demonstrations refer classroom
Lets create public and private subnets
- Your application has three layers
- web
- app
- db
- Only web should be exposed to internet
- We have six subnets
- web1
- web2
- app1
- app2
- db1
- db2
- We have create the internet gateways
-
Lets create two route tables
- public: will be associated with subnets web1, web2 and will have route to internet gateway
- private: will be associated with other subnets and will not have route to internet gateway
- web1, web2 are public subnets as they have route to internet
-
app1, app2, db1, db2 are private subnets as they dont have route to internet
-
Exercise:
- Create a vpc with 4 subnets
- web
- app
- mgmt
- db
- Only mgmt subnet should be public, rest of the subnets should be private
- Create an ec2 instance in mgmt and web
- Try to connect to ec2 in web from your system and check if it is getting internet or not
- Create a vpc with 4 subnets
