AWS Certified Solutions Architect - Associate (SAA-C02)


Provisioning NAT Gateway

From Lesson 9.4 – Using NAT Gateways for Internet Access
Probably a bit of a silly question, but I’m trying to wrap my head around the SIMPLICITY of bringing the NAT gateway up in this lesson. I would have thought that we need to do something with routing inside the private subnet. How is it that our instance in the private subnet immediately has access to the NAT gateway in the public subnet? I thought subnets were isolated network-wise until we provided networking rules to allow for cross-subnet communication. From what I can see, we provision two different default routes in the public subnet only, so I can’t wrap my head around why the private subnet immediately has access.
I’m sure it makes sense, but if anyone has the "explain it to me like I’m ten" kind of explanation, I’d love to hear it :p

1 Answer

When a VPC is created, a main route table is created with it. This route table controls the routing for all subnets that are not explicitly associated with any other route table.

In this example the VPC network was 10.0.0.0/16, and the main route table has only one route: 10.0.0.0/16, target local.

Any subnet created in the VPC uses the main route table; in this case it has a route to all other subnets in the VPC.

After the creation of the NAT gateway, he added a new route to the internet to the main route table: 0.0.0.0/0, target NAT gateway.

Because the new route was created in the main route table, it will be used by all subnets, including the private subnet.

Evan Walsh

Thanks Ben! Well answered. I completely forgot about the main route table. I’ll rewatch the lesson with this in mind. Cheers!
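
The implicit main-route-table association described in the answer, as an added example that is not part of the original thread or the course: it resolves each subnet's effective route table and the next hop for an internet address, which is also how you would audit which subnets silently inherit routes added to the main table. The data is constructed in the shape of `aws ec2 describe-route-tables` output; all IDs are placeholders, and the separate public route table with an internet gateway is an assumption about the lesson's setup.

```python
import ipaddress

# Constructed sample data shaped like `aws ec2 describe-route-tables` output.
# All IDs are made-up placeholders, not values from the lesson.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main",
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]},
    {"RouteTableId": "rtb-public",  # assumed: public subnet has its own table
     "Associations": [{"Main": False, "SubnetId": "subnet-public"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
]
SUBNETS = ["subnet-public", "subnet-private"]


def effective_route_table(subnet_id, route_tables):
    """Return (table, implicit): an explicit association wins, else the main table."""
    main = None
    for rt in route_tables:
        for assoc in rt["Associations"]:
            if assoc.get("SubnetId") == subnet_id:
                return rt, False
            if assoc.get("Main"):
                main = rt
    return main, True


def next_hop(rt, dest_ip):
    """Longest-prefix match of dest_ip against the table's IPv4 routes."""
    ip = ipaddress.ip_address(dest_ip)
    best = None
    for route in rt["Routes"]:
        net = ipaddress.ip_network(route["DestinationCidrBlock"])
        if ip in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, route.get("NatGatewayId") or route.get("GatewayId"))
    return best[1] if best else None


def audit(subnets, route_tables, probe="198.51.100.10"):
    # Maps subnet -> (route table id, implicitly associated?, next hop for probe).
    report = {}
    for s in subnets:
        rt, implicit = effective_route_table(s, route_tables)
        report[s] = (rt["RouteTableId"], implicit, next_hop(rt, probe))
    return report


if __name__ == "__main__":
    print(audit(SUBNETS, ROUTE_TABLES))
```

Subnets reported with `implicit` set to `True` pick up every route later added to the main table, so they are the ones to review before changing it.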
