Understanding AWS route-tables - cannot create a more specific route

I wish to make my VPC's subnets accessible from the Internet.

More specifically: traffic from the Internet Gateway (igw-f43c4690) to my subnets must be allowed.

For that I created a Route Table and associated it with my subnets.

[screenshot of the route table]

Question:

I understand the traffic will be redirected from the Internet Gateway (Target) to the IP range (Destination) - right?

Why must I specify a more generic IP range here (0.0.0.0/0 in the picture above) than the one in the local route?

Why can't I use the same IP range as my subnet here, and then associate the route table with my subnet?


Skip asked Jun 13 '17 10:06


1 Answer

Think of the Route Table as defining where traffic goes when it leaves the subnet. If an Amazon EC2 instance on a subnet wishes to send traffic to a destination on the Internet, the Route Table tells it to go via the Internet Gateway.

The Route Table also controls whether a subnet can receive traffic from the Internet, but it is defined with outgoing rules. That's why the column is called Destination.

Traffic going out of a subnet is evaluated against all the rules in the Route Table, starting with the smallest range of addresses through to the largest range (which is 0.0.0.0/0). Thus, traffic can be routed through a Virtual Private Gateway, VPC Peering, NAT Gateway, and so on, before it is finally routed to the Internet as a 'catch-all' setting.

Bottom line: Define your outgoing routes and the incoming routes will work just fine.

John Rotenstein answered Nov 04 '22 20:11
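The longest-prefix evaluation the answer describes, as an added Python example that is not part of the original post. The VPC CIDR 10.0.0.0/16 and the peering route are assumptions; the Internet Gateway id is the one from the question.

```python
import ipaddress

# Constructed route table modelled on the one in the question: the VPC CIDR
# (assumed 10.0.0.0/16) carries the implicit "local" route, 0.0.0.0/0 is the
# catch-all to the Internet Gateway named in the question, and an assumed
# VPC peering route shows a more specific range beating the catch-all.
ROUTE_TABLE = [
    {"destination": "0.0.0.0/0", "target": "igw-f43c4690"},
    {"destination": "10.0.0.0/16", "target": "local"},
    {"destination": "172.31.0.0/16", "target": "pcx-EXAMPLE"},  # assumed peering route
]


def select_route(routes, dst_ip):
    """Return the target for dst_ip using longest-prefix match.

    Entry order is irrelevant: among matching routes the most specific
    destination (longest prefix) wins, so 0.0.0.0/0 only catches traffic
    that no narrower route claims.
    """
    dst = ipaddress.ip_address(dst_ip)
    best_route, best_len = None, -1
    for route in routes:
        net = ipaddress.ip_network(route["destination"], strict=False)
        if dst.version == net.version and dst in net and net.prefixlen > best_len:
            best_route, best_len = route, net.prefixlen
    return best_route["target"] if best_route else None


def is_covered_by_local(routes, destination):
    """True if a proposed destination lies inside the local route's CIDR.

    A route like that is at least as specific as the local route, which is
    the situation the question's title describes: the subnet's own range is
    already handled by "local", so only traffic leaving the VPC needs a route.
    """
    proposed = ipaddress.ip_network(destination, strict=False)
    for route in routes:
        if route["target"] == "local":
            local = ipaddress.ip_network(route["destination"], strict=False)
            if proposed.version == local.version and proposed.subnet_of(local):
                return True
    return False


if __name__ == "__main__":
    for ip in ("10.0.1.25", "172.31.4.9", "93.184.216.34"):
        print(f"{ip:>15} -> {select_route(ROUTE_TABLE, ip)}")
    print("10.0.1.0/24 inside local CIDR:", is_covered_by_local(ROUTE_TABLE, "10.0.1.0/24"))
```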