I have amazon VPC set through wizard as "public only network", so all my instances are in public subnet.
Instances within VPC that have Elastic IP assigned connect to internet without any troubles.
But instances without elastic IP can't connect anywhere.
Internet gateway is present. Route table in aws console looks like
Destination Target 10.0.0.0/16 local 0.0.0.0/0 igw-nnnnn
and route from inside instance shows
Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.0.0.0 * 255.255.255.0 U 0 0 0 eth0 default 10.0.0.1 0.0.0.0 UG 100 0 0 eth0
I tried to open ALL inbound and outbound traffic to 0.0.0.0/0 in security group that an instance belongs to. Still no success.
~$ ping google.com PING google.com (74.125.224.36) 56(84) bytes of data. ^C --- google.com ping statistics --- 6 packets transmitted, 0 received, 100% packet loss, time 5017ms
What else can I do?
Sign in to the Amazon VPC console. On the navigation pane, in the Virtual Private Cloud section, choose Internet Gateways. In the search box, search for the internet gateway attached to your VPC. You can also use the search bar on the page to search for your Attached VPC ID (for example, vpc-xxxxxxxx).
You can connect to your VPC through a virtual private network (VPN), AWS Direct Connect (DX), a VPC peering connection, a VPC endpoint, ClassicLink, an internet gateway, a network address translation (NAT) gateway, or a NAT instance. The best option depends on your specific use case and preferences.
It appears that the only way to get outside from instances that don't have Elastic IP is:
So, just adding NAT is not enough. Instances should be stopped and moved to another IP from another subnet.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With