Home > Software design >  AWS public subnet and private subnet traffic
AWS public subnet and private subnet traffic

Time:08-07

I have created a vpc, and created two subnets one is public subnet(attached to internet gateway) and another is private subnet. I am able to access private subnet from public subnet. My question is how the traffic goes out from private subnet to public subnet? The private subnet is associated with main route table. And it has only route to local.

If possible can you please met me know how the traffic goes in route tables(in bound and out bound)? enter image description here

CodePudding user response:

Both route tables has a route to the target called local. "local" means VPC network. Therefore both subnets can communicate within the VPC network. The "enter image description here

and here's what it looks like the other way around:

enter image description here

CodePudding user response:

Each VPC in AWS has an implicit router. You can configure this router by creating Route Tables. You define Routes in these Route Tables. Assuming that both of your private and public subnets are part of the same VPC, the traffic between them goes through this implicit router.

What is the difference between private and public subnets?

Some or all of the resources which are part of a public subnet may be reachable from the internet. No resource from the private subnet should be reachable from the internet directly. This does not mean, that private subnets can not have internet access. They can have internet access with a help of a NAT gateway deployed in a public subnet.

Some explanation for the routes from your diagram:

local route: the default route for a Route Table, makes possible the local traffic to be routed internally in the VPC; igw-id route: this route makes possible the communication with resources outside if the VPC. Since it has a lower priority than the local route, every destination address which falls outside of the VPC CIDR is routed to the Internet Gateway.

  • Related