DEV Community


Everything You Need To Know About Networking On AWS

Graham Lyons on January 28, 2018

Disclaimer: I'm not a network engineer and never have been - a tame network engineer...
 
Dmitry Kankalovich

Great post, Graham!

I just would like to point out some small things for improvement:

  • The VPC CIDR max block is /16, therefore in the Internet Gateways section the local route 10.0.0.0/8 should really be /16
  • It might be a bit more advanced topic, however I'd also mention NACLs at least, and also probably VPC peering and VPC endpoints
 
ImTheDeveloper

Thanks for this post. Definitely an area I need to greatly improve my understanding of. Networking in general has never been something I've found any love for, but it is definitely an area I need to read up on.

I'm interested in the NAT concept. I've read up briefly on this, but it never really sticks in my mind. I believe the purpose is to only allow connections out of the network so that you can carry out tasks like running updates on your server. Is that correct? If the NAT has to establish the outbound connection, does this mean, for example, that a web server running behind a NAT could not be addressed in the browser and receive a page back? If I wanted to do such a thing, would I just use a general-purpose routing table and internet gateway in AWS?

Also, another question: have you come across bastion hosts being used in AWS? Typically these sit out on the edge, allowing only whitelisted connections, maybe over SSH, to then enable you to SSH into your other boxes. I'd be interested to see such a setup explained too. I've used one at work but never understood the exact connection setup.

 
Graham Lyons

Network address translation is very common in private networks; for example, the router in most homes performs NAT so that you can use the Internet.

does this mean, for example, that a web server running behind a NAT could not be addressed
That's exactly right. In the same way that clients outside your home network can't access port 80 on your iPad (or whatever).

SSH bastions are a common setup, and they work roughly the other way round to NAT boxes: they sit in the public subnets, allow incoming traffic via SSH, and then allow access to the rest of the VPC from themselves.

 
Maqbool

Great post! I was trying to understand this for hours; this makes perfect sense :)