AWS Fundamentals on Netmask, Route Table, Internet Gateway, Vpc
Written by
Introduction
No doubt in the coming years there will be various entrepreneurs who would thank AWS or Amazon Web Services for the immense growing popularity of their enterprises. So, it’s always a need to have a basic idea about the fundamentals of AWS Networking. The main aim of this article is to acknowledge the aspiring business developers with the ideologies related to the AWS Networking.
What is Netmask?
Netmask is a 32-bit “mask” that is used to divide an IP address into subnets and is also used to specify the network’s available hosts. In a Netmask, 2 bits are always automatically assigned. E.g., “255.255” in “255.255.255.0”.
What is Route Table?
Fundamentals for networking in the routing table are important for developers using AWS. The route table is responsible for deciding how the traffic flows between subnets. Since it is heavily related to a subnet, if you want to move traffic from a public network to a private network, you need to set up routing tables to define where services can access. Without route tables, we will have chunks of network with no rules about which devices can communicate among themselves and how they would communicate.
What is Internet Gateway?
For a networking developer, internet Gateway is a fundamental part of networking. Internet Gateway is a component in AWS which, when attached to a VPC, gives it public internet access. To create a public subnet, we need to create a regular subnet first and we need to update its route table to the internet. We also need to ensure that a VPC is set up with an internet gateway.
The Internet gateway is a bit confusing when we think about internet access because some services need a network coming in, like a static website whereas other services need traffic that flows out and not in, such as internal private micro-service that needs to pull in dependencies from other internet-based services. To set up an internet gateway, developers need to create a resource and attach it to a VPC.
What is a Virtual Private Cloud (VPC)?
When you’re working with AWS, the only logical way for separating resources is a VPC or virtual private cloud. A VPC is basically a way to lay claim on the machine that belongs to you to prevent them from being accessed by anyone else.
When a developer owns a VPC, the resources contained within it can only communicate with other VPC resources unless they do some special tricks to connect the VPC’s. A developer creates a VPC when they define a range of private IP addresses to allocate to it.
Routing in a VPC
To communicate between the addresses of the machines, we need to route, and routing tables tell the system how the packets should move around and where to put the next packet. The routing table contains routes that contain the destination or target mapping. Destination here refers to the destination of CIDR, where you want traffic from your subnet to go.
The target here refers to the target through which destination traffic needs to be sent. A default main route table is provided to developers by AWS for every VPC. Developers can even create custom route tables and associate them with the subnet. AWS also creates a default route from communication with the VPC. Every VPC has a default route table and developers can find out everything inside their CIDR range via that.
To connect machines in the specific VPC to the internet, you need to have:
- Some form of connection to the internet
- Some route to the internet
- Some public address
- Some machines can only connect to the internet if it has a public subnet present.