I have created a VPC and internet gate way. And attached internet gateway to the vpc. Create two subnets one is public subnet and another is private subnet. And created a route table to route the traffic. In route table added a route rule 0.0.0.0/0 to IGW(internet gatway). To test this I launch a EC2 instance in public subnet. I have generated a public IP address example : (554.6.8.24). Using that IP address do ssh and I am connecting from local machine to EC2 instance.

My question is I am connecting to the EC2 instance from my local machine using public IP. What is the point of adding route rule in 0.0.0.0/0 to IGW(internet gatway) in route table?. With out route rule can I connect to Ec2?

CodePudding user response：

If an Internet Gateway is not present in an Amazon VPC, then that VPC has no connection to the Internet. This can be very useful for creating private networks.

If you want to connect a VPC to the Internet, then you need to:

• Create an Internet Gateway for that VPC
• Create a Route Table that sends traffic to the Internet Gateway
• Attach the Route Table to a Subnet (thereby making that subnet a Public Subnet since it routes to the Internet Gateway)
• Put resources inside the Public Subnet (eg EC2 instances)

In contrast, Private subnets do not have a Route Table entry that points to an Internet Gateway. Therefore, those subnets cannot access the Internet. This is an added layer of security to prevent access to private resources.

The only difference between a Public Subnet and a Private Subnet is having the Route Table entry that points to an Internet Gateway. Without that entry, a subnet will remain private.