I have a public subnet with EC2 instances. The route table has 0.0.0.0/0 IGW (Internet Gateway) as default.
I tested adding a public IP address to my instance (104.27.142.41/32 as reported by curl ifconfig.co) and when I ssh to that EC2 it returns this IP address, which I expected.
1) My question is: since NAT is only for outbound traffic, how do they communicate when it sends a request or quote to other sites?
2) If I switch the IGW (Internet Gateway) to NAT for the public subnet, will it mask all outbound traffic to the NAT IP address and still be able to communicate with other sites?
Best Answer
Generally you will have 2 kinds of subnets in a VPC:
Public subnet: 0.0.0.0/0 there points to the IGW
Private subnet: 0.0.0.0/0 points to the NAT in the public subnet above
Hope that explains it :)
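
The routing layout in this answer can be checked from route-table data. The following is an added example, not code from the original post: it classifies subnets by the target of their 0.0.0.0/0 route and flags a public NAT gateway sitting in a subnet that has no default route to an IGW. The input mirrors the JSON shape of `aws ec2 describe-route-tables` and `aws ec2 describe-nat-gateways`; all IDs, function names and sample data are constructed.

```python
# Added example: classify subnets by where their 0.0.0.0/0 route points.
# Sample data is constructed; it mirrors the AWS CLI describe-* JSON shape.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-public", "Associations": [{"SubnetId": "subnet-pub"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"RouteTableId": "rtb-private", "Associations": [{"SubnetId": "subnet-priv"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]},
    {"RouteTableId": "rtb-nodefault", "Associations": [{"SubnetId": "subnet-iso"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
]
NAT_GATEWAYS = [{"NatGatewayId": "nat-example", "SubnetId": "subnet-pub"}]


def default_route_target(table):
    """Return the target ID of the table's 0.0.0.0/0 route, or None."""
    for route in table.get("Routes", []):
        if route.get("DestinationCidrBlock") == "0.0.0.0/0":
            return route.get("GatewayId") or route.get("NatGatewayId")
    return None


def classify_subnets(route_tables):
    """Map subnet ID -> 'public' (IGW), 'private' (NAT) or 'other'."""
    result = {}
    for table in route_tables:
        target = default_route_target(table) or ""
        kind = ("public" if target.startswith("igw-")
                else "private" if target.startswith("nat-") else "other")
        for assoc in table.get("Associations", []):
            # Main-table associations carry no SubnetId; they are skipped here.
            if "SubnetId" in assoc:
                result[assoc["SubnetId"]] = kind
    return result


def misplaced_nat_gateways(route_tables, nat_gateways):
    """Public NAT gateways whose own subnet lacks a default route to an IGW."""
    kinds = classify_subnets(route_tables)
    return [n["NatGatewayId"] for n in nat_gateways
            if kinds.get(n["SubnetId"]) != "public"]


if __name__ == "__main__":
    print(classify_subnets(ROUTE_TABLES))
    print(misplaced_nat_gateways(ROUTE_TABLES, NAT_GATEWAYS))
```

Subnets with no explicit association use the VPC's main route table and would need to be resolved separately before relying on the result.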