Routing between the instances in AWS

amazon-ec2 amazon-web-services routing amazon-vpc
5,134

Solution 1

You need to add routes to the main route table object for the VPC.

In the web console go to the VPC management page and click on Route Tables as seen in the menu at the left. Select the main route table (Yes under Main). In the lower part of the page click the Routes tab and you will see a routes list. Click the blue Edit tab. Click Add another route below the list. Enter your CIDR subnet under Destination. Enter the instance ID or Network Interface object ID of the Windows instance under Target. Click Save when you are sure all is right. Back in the EC2 Instaces page select the Windows instance. Go to Actions>>Networking>>Change Source/Dest. Check. Disable Source/Dest. Check so it allows packets to/from the Linux instance.

Solution 2

You have to modify VPC routing table. You need to add static route to your site subnet and use IP of windows as gateway. Windows instance needs to set Source/dest. check to False. Your routing table will looks like this:

172.31.0.0/16   local                      Active  No
0.0.0.0/0       igw-xxxxxxxx               Active  No <-- this is your VPC internet gateway ID
10.98.0.0/16    eni-xxxxxxxx / i-xxxxxxxx  Active  No <-- this is windows instance

Everything else will manage AWS.

Share:
5,134

Related videos on Youtube

Evgeniy
Author by

Evgeniy

DevOps Engineer with 10+ years of hands-on experience in various areas. Certified Microsoft, Google, Cisco, Oracle expert.

Updated on September 18, 2022

Comments

  • Evgeniy
    Evgeniy over 1 year

    I have two instances in the same VPC: Linux (172.31.25.177) and Windows (172.31.26.178). I opened all ports in the security group for both IP addresses and they can to connect to each other.

    Windows is connected to the on-premise VPN device. I would like to route the packets from Linux to my site through Windows.

    I had set-up RRAS on Windows and specified his internal IP as a gateway to my site network (10.98.0.0/16) in the Linux.

    root@ip-172-31-25-177:~# ip route show
default via 172.31.16.1 dev eth0
10.98.0.0/16 via 172.31.26.178 dev eth0

    But I see that no packets coming to the Windows from Linux (172.31.25.177) when I tried to connect to the site resources.

    What I need to configure on VPC to make this work?

  • Michael - sqlbot
    Michael - sqlbot over 8 years
    Also, you do not need to add static routes to any of the instances. The VPC routing tables should be used for all routing configuration within the VPC, with instances using their default route.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to verify a AWS VPC (S3) endpoint works?
How to use IPSec / Openswan with Amazon's Virtual Private Cloud (VPC) and EC2?
AWS Load Balancer to route traffic to one target group with multiple microservices
How to assign EIP to Autoscaling Group of VPC in Cloudformation template
can't connect aws VPC private instance to internet through NAT
Why does port 6379 need to be opened on the security group for elasticache?
Setting up a VPN connection to Amazon VPC - routing
Can you connect to Amazon VPC VPN from Windows 7 without a hardware VPN on your end?
aws private instance cannot resolve hostname (VPC with NAT instance)
Is it okay to use an Elastic Load Balancer for ssh/sftp traffic?