
I am trying to configure NAT in Amazon AWS.

So I have two EC2 instances with private IPs 10.0.0.49 and 10.0.0.48 (10.0.0.0/24 network). The nodes are in one VPC. I can ping 10.0.0.49 from 10.0.0.48.

Elastic IP 52.88.240.171 pointed to 10.0.0.49.

As I understand it, I can't point an Elastic IP directly to a node, so I am trying this guide: https://serverfault.com/a/568478/192282

On 10.0.0.49:

sudo sysctl -q -w net.ipv4.ip_forward=1 net.ipv4.conf.eth0.send_redirects=0
sudo iptables -t nat -A POSTROUTING -o eth0 -s 10.0.0.0/24 -j MASQUERADE

sudo iptables -L -n -v -x -t nat
Chain PREROUTING (policy ACCEPT 6 packets, 457 bytes)
    pkts      bytes target     prot opt in     out     source               destination         

Chain INPUT (policy ACCEPT 6 packets, 457 bytes)
    pkts      bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 32 packets, 2732 bytes)
    pkts      bytes target     prot opt in     out     source               destination         

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
    pkts      bytes target     prot opt in     out     source               destination         
      32     2732 MASQUERADE  all  --  *      eth0    10.0.0.0/24          0.0.0.0/0           
[root@ip-10-0-0-49 ~]# 

And on 10.0.0.48:

sudo route del default
sudo route add default gw 10.0.0.49

sudo route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.0.49       0.0.0.0         UG    0      0        0 eth0
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.169.254 0.0.0.0         255.255.255.255 UH    0      0        0 eth0

In the "Security Groups" section of the AWS console, all inbound and outbound traffic is enabled for each EC2 instance.

But I still have no Internet access on 10.0.0.48 (the node without an Elastic IP). Maybe I missed something in the AWS console? What could be wrong?

UPDATE: resolv.conf for each EC2 host:

[root@ip-10-0-0-49 ~]# cat /etc/resolv.conf
; generated by /sbin/dhclient-script
search us-west-2.compute.internal
nameserver 10.0.0.2

[ec2-user@ip-10-0-0-48 ~]$ cat /etc/resolv.conf
; generated by /sbin/dhclient-script
search us-west-2.compute.internal
nameserver 10.0.0.2

1 Answer


That was a problem with the "source/dest check" in the AWS console. Thank you, @matt-houser!


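An added audit script (not from the question or the answer) that checks the three things this thread ends up needing on a Linux NAT instance: kernel forwarding, the MASQUERADE rule for the private subnet, and the instance's source/dest check being disabled. The instance id is a placeholder and the subnet defaults to the 10.0.0.0/24 from the question; the `aws ec2` subcommands used are the standard ones for that attribute.

```shell
#!/bin/sh
# Audit helper for an EC2 instance used as a NAT gateway. The parsing functions
# read captured command output on stdin so they can be checked offline; nat_audit
# runs the live commands (needs root for iptables and a configured AWS CLI).

# stdin: output of `sysctl -n net.ipv4.ip_forward`. Succeeds only when it is "1".
nat_forwarding_ok() {
    read -r value
    [ "$value" = "1" ]
}

# stdin: output of `iptables -t nat -S POSTROUTING`; $1: private subnet (CIDR).
# Succeeds when a MASQUERADE rule whose source is that subnet is present.
nat_masquerade_rule_ok() {
    grep '^-A POSTROUTING ' | grep -F -- "-s $1 " | grep -q -- '-j MASQUERADE'
}

# stdin: JSON from `aws ec2 describe-instance-attribute --attribute sourceDestCheck`.
# Succeeds when SourceDestCheck is false, which a NAT instance requires.
nat_source_dest_check_ok() {
    tr -d ' \n' | grep -qF '"SourceDestCheck":{"Value":false}'
}

# Live audit of this host: $1 = instance id, $2 = private subnet. Returns 1 on any failure.
nat_audit() {
    status=0
    if sysctl -n net.ipv4.ip_forward | nat_forwarding_ok; then
        echo "ok:   net.ipv4.ip_forward=1"
    else
        echo "FAIL: run: sysctl -w net.ipv4.ip_forward=1"; status=1
    fi
    if iptables -t nat -S POSTROUTING | nat_masquerade_rule_ok "$2"; then
        echo "ok:   MASQUERADE rule for $2"
    else
        echo "FAIL: run: iptables -t nat -A POSTROUTING -o eth0 -s $2 -j MASQUERADE"; status=1
    fi
    if aws ec2 describe-instance-attribute --instance-id "$1" \
            --attribute sourceDestCheck | nat_source_dest_check_ok; then
        echo "ok:   source/dest check disabled on $1"
    else
        echo "FAIL: run: aws ec2 modify-instance-attribute --instance-id $1 --no-source-dest-check"
        status=1
    fi
    return $status
}

# Only run the live audit when given an instance id, e.g. (placeholder id):
#   sudo ./nat-audit.sh i-0123456789abcdef0 10.0.0.0/24
case "${1:-}" in
    i-*) nat_audit "$1" "${2:-10.0.0.0/24}" ;;
esac
```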