AWS Certified Solutions Architect - Professional
  • AWS Certified Solutions Architect - Professional
  • Accounts & Permissions
    • AWS Organizations
    • Service Control Policies
    • Security Token Service
    • Permissions Boundaries
    • Permissions Evaluation
    • AWS Resource Access Manager
    • Service Quotas
  • ADVANCED IDENTITIES & FEDERATION
    • SAML2.0 Identity Federation
    • IAM Identity Center
    • Amazon Cognito
    • Amazon Workspaces
    • Directory Service
    • AWS Control Tower
  • NETWORKING & HYBRID
    • Private and Public AWS Services
    • DHCP In a VPC
    • VPC Router
    • Stateful vs Stateless Firewalls
    • Network Access Control Lists
    • Security Groups
    • AWS Local Zones
    • Border Gateway Protocol
    • AWS Global Accelerator
    • IPSec VPN
    • Site2Site VPN
    • Transit Gateway
    • VPC Routing
    • Accelerated Site-to-Site VPN
    • AWS Client VPN
Powered by GitBook
On this page
  1. NETWORKING & HYBRID

VPC Routing

  • Route Tables:

    • Control how network traffic is directed within and outside the VPC.

    • Each subnet must be associated with a route table.

  • Associations:

    • Explicit Association: You manually associate a subnet with a specific route table.

    • Implicit Association: If no manual association, the subnet uses the main route table by default.

  • Route Priority:

    • AWS VPC route tables match the most specific route first (longest prefix match wins).

    • If multiple routes could apply, the more specific one is chosen.

🚀 Advanced Routing Concepts

  • Advanced Problem 1:

    • Overlapping CIDRs can create complexity. You must plan CIDRs carefully to avoid routing conflicts.

  • Advanced Problem 2:

    • Propagation from VPN or Direct Connect: Learned routes are automatically added but need to be managed carefully in complex environments.

🏠 Ingress Routing via Gateway Route Tables

  • Ingress Routing: Directs incoming traffic through specific appliances (like firewalls) before reaching your VPC resources.

  • Achieved using Gateway Route Tables:

    • Applied at VPC attachments (like Transit Gateway).

    • Helps enforce centralized security inspection or traffic filtering.

🧠 Quick Summary

Concept
Description

Route Tables

Direct network traffic inside and outside VPC

Explicit vs Implicit Association

Explicit (manual), Implicit (default main route table)

Route Priority

Most specific route wins (longest prefix match)

Advanced Routing Issues

Overlapping CIDRs, route propagation challenges

Ingress Routing

Use Gateway Route Tables to control incoming traffic flow through appliances

Last updated 6 hours ago