2

I'm new to AWS and I'm trying to understand route tables.

So I have two route tables, one being the public route table and one being the private route table.

Below is the routing for the public route table.

public route table routes

It has the default route, where traffic in the VPC is directed to instances in the subnet associated in this route. There is the other route which I created, where traffic from anywhere is directed to the internet gateway. My question here is that mean all traffic in the subnet is directed to the internet?

Below is the routing for the private route table. private route table routes

It only has the default route. I would assume that all traffic from subnet 10.0.0.0/16 is directed to instances in the subnet associated in this route. Is that correct?

Lastly, what's the difference between being a main route table and non-main route table?

My private route table is my main route table, and the public route table is not. I don't quite understand what it means.

Any tips would be much appreciated.

diggledoot
  • 691
  • 8
  • 22

1 Answers1

5

My question here is that mean all traffic in the subnet is directed to the internet?

No, on the contrary. The "default" route is so called local route and is always present. It means that all traffic to resources in the VPC stays in the VPC. Thus one instance can access second instance in a VPC without internet (provided you don't use public IP addresses) thanks to the local route.

However, if your traffic is to Destination 0.0.0.0/0 it will go to your internet gateway. Even though 0.0.0.0/0 represents all IP addresses, due to route priority local traffic will stay local. This is because 10.0.0.0/16 is more specific then 0.0.0.0/0:

We use the most specific route in your route table that matches the traffic to determine how to route the traffic (longest prefix match).

I would assume that all traffic from subnet 10.0.0.0/16 is directed to instances in the subnet associated in this route. Is that correct?

It's not correct. The rule means that all traffic from the subnet can be directed to any instance in the VPC, which includes other subnets.

what's the difference between being a main route table and non-main route table?

Each VPC has a main route table. The main route table is used when your subnets don't have associated custom route tables. So you can think of it as a fall back. If you create a subnet and do not explicitly associate a custom route table with your subnet, the rules defined in the main route table will apply to the traffic in that subnet.

Marcin
  • 215,873
  • 14
  • 235
  • 294
  • 1
    I see. Thank you for the explanation! – diggledoot Mar 30 '21 at 23:40
  • @cswannabe No problem. Glad it helped. – Marcin Mar 30 '21 at 23:47
  • I have created a vpc, and created two subnets one is public subnet(attached to internet gateway) and another is private subnet. I am able to access private subnet from public subnet, my question is how the traffic goes out from private subnet to public subnet. As private subnet is associated with main route table. And it has only route to local. – user3094331 Aug 06 '22 at 13:47