堆栈内存溢出
  简体   繁体   English

AWS EC2实例路由表和VPC路由表

[英]AWS EC2 instance route table and VPC route table

 原文  2015-12-04 18:56:57       amazon-web-services/ amazon-ec2/ amazon-vpc

问题描述

Is the VPC route table supposed to be installed as the route table on my ec2 instance? 是否应该将VPC路由表安装为我的ec2实例上的路由表? My instance is in the associated subnet yet it's route table seems to be independent of what I do in the VPC route table. 我的实例位于关联的子网中,但它的路由表似乎与我在VPC路由表中的操作无关。 I'm in the process of setting up NAT and want to have my instances take the VPC route table so they use my NAT instance as the default gateway. 我正在设置NAT并希望让我的实例获取VPC路由表,以便他们使用我的NAT实例作为默认网关。

EDIT: If the VPC route table is supposed to be somehow propagated to my instance (4.1.10-17.31.amzn1.x86_64), is there any documentation on what mechanism does this? 编辑:如果VPC路由表应该以某种方式传播到我的实例(4.1.10-17.31.amzn1.x86_64),是否有任何关于这种机制的文档? I'm not finding anything. 我找不到任何东西。

1 个解决方案

解决方案1
 5 已采纳  2015-12-04 20:32:37

Typically, the correct configuration is to leave the instance route tables alone, and disregard them. 通常,正确的配置是单独保留实例路由表,并忽略它们。

EC2 instances inside VPC use their default route to send all traffic to the virtual router provided by VPC itself. VPC内的EC2实例使用其默认路由将所有流量发送到VPC自身提供的虚拟路由器。

The VPC router then forwards the traffic according the the VPC route tables for the instance's subnet. 然后,VPC路由器根据实例子网的VPC路由表转发流量。

The routes in the VPC route table do not propagate back into the instances themselves, but they're used to make forwarding decisions for all the traffic. VPC路由表中的路由不会传播回实例本身,但它们用于为所有流量做出转发决策。

Forwarding traffic "directly" from one instance to another in VPC isn't a meaningful concept, because the VPC network is not a "real" Ethernet network, in spite of appearances to the contrary -- everything is virtual (it's a software-defined network). 在VPC中“直接”从一个实例转发到另一个实例的流量并不是一个有意义的概念,因为VPC网络不是“真正的”以太网网络,尽管有相反的表现 - 一切都是虚拟的(它是软件定义的)网络)。 All traffic between any two instances, whether they're on the same subnet or not, always traverses the VPC network infrastructure in pretty much the same way. 任何两个实例之间的所有流量,无论它们是否在同一子网上,总是以几乎相同的方式遍历VPC网络基础结构。

If an instance is on a subnet that has the NAT instance as its default route in the subnet's VPC route table, the instance will automatically use the NAT machine as its default gateway for all traffic outside the VPC supernet, with no configuration necessary in the instance itself. 如果实例位于子网的VPC路由表中具有NAT实例作为其默认路由的子网上,则实例将自动使用NAT计算机作为VPC超网外部所有流量的默认网关,实例中无需配置本身。

Note that unlike a conventional network, the NAT instance needs to be on a different subnet than any of the instances that use it as their gateway. 请注意,与传统网络不同,NAT实例需要与使用它作为其网关的任何实例位于不同的子网上。 The route table for the subnet where the NAT instance is actually installed must have the the igw-xxxxxxxx Internet Gateway object as its default route. 实际安装NAT实例的子网的路由表必须具有igw-xxxxxxxx Internet Gateway对象作为其默认路由。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 为什么 traceroute 使用 VPC 忽略 AWS EC2 中的路由表 - Why traceroute ignores route table in AWS EC2 with VPC Ansible AWS 模块错误 -> ec2-vpc-route-table - Ansible AWS Modules Error -> ec2-vpc-route-table AWS VPC路由表-删除默认路由 - AWS VPC Route Table — Delete default route AWS VPC - 更改路由表后无法从 ec2 实例 ping - AWS VPC - cannot ping from ec2 instance after changing route tables AWS::EC2::SubnetRouteTableAssociation 未显示路由表 - AWS::EC2::SubnetRouteTableAssociation is not showing up with a Route Table AWS VPC路由表-更改默认路由表 - AWS VPC Route Table - Change default route table AWS VPC 子网路由表最佳实践 - AWS VPC subnet route table best practices 什么是路由表 (AWS VPC) 中的目的地和目标? - What is Destination and Target in Route table (AWS VPC)? terraform aws - 如何将默认路由添加到 vpc 默认路由表? - terraform aws - how to add default route to vpc default route table? AWS IAM 拒绝访问以更新 VPC 路由表中的特定路由 - AWS IAM Deny access to update specific route in a VPC Route Table
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM