I have a public subnet (10.10.1.0/24) and private subnet (10.10.2.0/24) in my VPC. I've set up a NAT instance in my public subnet to provide outbound web access to all private instances.

I have a load balancer for 2 IIS server instances which are in my public subnet, but they need outbound internet access. I can't seem to get it working by adding the NAT instance IP as a 2nd gateway to them. What's the best practice on this one in AWS?

user9517
Tripp
  • Add your quad zero route. Outbound rule. 0.0.0.0 goes through your gateway. Everything that isn't in your network now goes out your gateway. – Citizen May 05 '15 at 08:01
  • If your instance does not have its *own* public IP address, it doesn't go in a "public" subnet, *by definition*. http://serverfault.com/questions/658291/vpc-public-subnet-internet-access-with-elb-hooked-up/658362#658362 Provision these machines in the private subnet. Leave the ELB in the public subnet. Don't tinker with the routing tables on the instances at all. – Michael - sqlbot May 05 '15 at 09:15
  • I've tried adding an instance that's in the private subnet to the LB but because the private subnet doesn't have an internet gateway it won't let me do that. The private subnet's route is pointing to the NAT. – Tripp May 05 '15 at 13:16
  • Ahh, I see what's going on now. When you associate an LB with a subnet, it's the public subnet. That doesn't affect what instances you can use with it, so your instances should be in the private subnet eh. – Tripp May 05 '15 at 13:28
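
The subnet placement discussed in the comments above, modelled as an added example that is not part of the original question or comments. The route labels `igw` and `nat`, the instance names, and the assumption that the IIS instances have no public IP of their own are constructed for illustration.

```python
# Constructed model of the VPC in the question; "igw"/"nat" labels, instance
# names and the no-public-IP flag are assumptions made for this example.
ROUTES = {                      # subnet -> target of its 0.0.0.0/0 route
    "10.10.1.0/24": "igw",      # public subnet
    "10.10.2.0/24": "nat",      # private subnet, default route to the NAT instance
}

def outbound_ok(subnet, has_public_ip, routes=ROUTES):
    """True if an instance placed in `subnet` can reach the internet."""
    target = routes.get(subnet)
    if target == "igw":
        # An internet gateway only serves instances that have their own public IP.
        return has_public_ip
    return target == "nat"      # the NAT instance translates for private addresses

def review(instances, elb_subnets, routes=ROUTES):
    """Return a list of findings for one layout (empty list = layout works)."""
    findings = []
    for subnet in elb_subnets:
        # An internet-facing load balancer must sit in a subnet routed to the gateway.
        if routes.get(subnet) != "igw":
            findings.append(f"ELB subnet {subnet} has no internet gateway route")
    for name, (subnet, has_public_ip) in sorted(instances.items()):
        if not outbound_ok(subnet, has_public_ip, routes):
            findings.append(f"{name} in {subnet} has no outbound path")
    return findings

ELB_SUBNETS = ["10.10.1.0/24"]
# Layout from the question: back ends in the public subnet without public IPs.
AS_ASKED = {"iis-1": ("10.10.1.0/24", False), "iis-2": ("10.10.1.0/24", False)}
# Layout from the comments: back ends in the private subnet, ELB stays public.
AS_SUGGESTED = {"iis-1": ("10.10.2.0/24", False), "iis-2": ("10.10.2.0/24", False)}

if __name__ == "__main__":
    for label, layout in (("as asked", AS_ASKED), ("as suggested", AS_SUGGESTED)):
        print(label, review(layout, ELB_SUBNETS) or "ok")
```
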
