
AWS VPC outbound traffic

I have a VPC in AWS with a public and a private subnet. I added an OpenVPN server to it and as long as I'm logged into the VPN I can access everything just fine. I now need to set it up so that a server in the VPC can access an external REST API. My current ACL rules are completely open. Both inbound and outbound look like this:

100 ALL Traffic ALL ALL 0.0.0.0/0 ALLOW
*   ALL Traffic ALL ALL 0.0.0.0/0 DENY

I have my security group set up to only allow internal traffic on these ports:

SSH (22)     TCP (6) 22   10.0.0.0/24
HTTP (80)    TCP (6) 80   10.0.0.0/24
HTTPS (443)  TCP (6) 443  10.0.0.0/24
MySQL (3306) TCP (6) 3306 10.0.0.0/24

My outbound traffic for the security group allows all. So I would think an outbound http request would be allowed by the security group and the ACL. But when I try wget google.com the domain is resolved but it just sits at connecting to google.com. I checked my routing table and any traffic that's not local goes to the gateway:

Destination Target       Status Propagated
10.0.0.0/24 local        Active No
0.0.0.0/0   igw-912ddaf4 Active No

Can someone point me in the right direction of how this should be set up? Or tell me why I don't have outbound traffic. Maybe at least list any other places where network traffic could be restricted on AWS's VPC. Thanks

You need a NAT instance so that the systems on your private subnet can access the Internet.

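The answer above names the fix; the check below walks the places the question already inspects (route table, security group egress, network ACL) and flags the condition that actually breaks this setup: a 0.0.0.0/0 route to an Internet gateway only works for an instance that owns a public or Elastic IP, so a private-subnet instance needs its default route pointed at a NAT gateway or NAT instance. This is an added example, not code from the thread or from AWS; the input dicts are constructed to resemble boto3 describe_* output and all identifiers in them (i-0example, nat-0example, the 203.0.113.10 destination) are placeholders.

```python
import ipaddress

# Constructed sample modeled on the thread: a private instance (no public IP),
# a route table sending 0.0.0.0/0 to the IGW, an all-open SG egress and an open NACL.
INSTANCE = {"InstanceId": "i-0example", "PrivateIpAddress": "10.0.1.10"}
ROUTE_TABLE_IGW = {"Routes": [
    {"DestinationCidrBlock": "10.0.0.0/24", "GatewayId": "local"},
    {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-912ddaf4"}]}
ROUTE_TABLE_NAT = {"Routes": [  # the corrected private-subnet route table
    {"DestinationCidrBlock": "10.0.0.0/24", "GatewayId": "local"},
    {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example"}]}
SG_EGRESS = [{"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]
NACL_OUTBOUND = [{"RuleNumber": 100, "RuleAction": "allow", "CidrBlock": "0.0.0.0/0"},
                 {"RuleNumber": 32767, "RuleAction": "deny", "CidrBlock": "0.0.0.0/0"}]

def _matches(cidr, ip):
    return ipaddress.ip_address(ip) in ipaddress.ip_network(cidr)

def default_route_target(route_table):
    """Target of the 0.0.0.0/0 route (IGW, NAT gateway or NAT instance), or None."""
    for r in route_table["Routes"]:
        if r.get("DestinationCidrBlock") == "0.0.0.0/0":
            return r.get("GatewayId") or r.get("NatGatewayId") or r.get("InstanceId")
    return None

def diagnose_egress(instance, route_table, sg_egress, nacl_outbound,
                    dest_ip="203.0.113.10", port=443):
    """List reasons outbound tcp/port to dest_ip would fail; empty list means it looks fine."""
    findings = []
    target = default_route_target(route_table)
    if target is None:
        findings.append("no 0.0.0.0/0 route: the subnet has no path to the Internet")
    elif target.startswith("igw-") and not instance.get("PublicIpAddress"):
        findings.append(f"default route via {target} but the instance has no public/Elastic IP; "
                        "point the private subnet's default route at a NAT gateway or NAT instance")
    elif target.startswith("i-"):
        findings.append(f"default route via NAT instance {target}: its source/dest check must be disabled")
    # Security groups are stateful, so one matching egress permit is enough.
    if not any(e["IpProtocol"] in ("-1", "tcp")
               and e.get("FromPort", 0) <= port <= e.get("ToPort", 65535)
               and any(_matches(r["CidrIp"], dest_ip) for r in e["IpRanges"]) for e in sg_egress):
        findings.append(f"security group has no egress rule covering tcp/{port} to {dest_ip}")
    # NACLs are stateless and first-match by ascending rule number; the inbound side
    # must separately allow the ephemeral-port replies (not checked here).
    for rule in sorted(nacl_outbound, key=lambda r: r["RuleNumber"]):
        if _matches(rule["CidrBlock"], dest_ip):
            if rule["RuleAction"] == "deny":
                findings.append(f"NACL outbound rule {rule['RuleNumber']} denies traffic to {dest_ip}")
            break
    return findings
```

Running `diagnose_egress(INSTANCE, ROUTE_TABLE_IGW, SG_EGRESS, NACL_OUTBOUND)` reproduces the question's symptom with a single finding about the IGW route, while the NAT route table returns no findings.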

When we configure the Private Sub network we have to configure in the pub through NAT and redirect it from Private.

It seems to me there might be some race conditions: I've been having trouble with frequent internet connection issues, I checked the docs, and tried lots of things. Just now I restarted the EC2 instance, checked that it wasn't working, then I re-applied the same network security groups by right clicking on the instance in the EC2 management console, then restarted the instance again and it suddenly started working. Perhaps someone from AWS could look into reproducing it? I will post again if I can reproduce it myself.
