Learning AWS: Subnets, Internet Gateways, and Route Tables Simplified
Introduction
Creating a robust and scalable network infrastructure in AWS is crucial for any cloud-based application. Key components in this infrastructure include subnets, internet gateways, and route tables. In this blog post, we will delve into Subnets, Internet Gateways & Route Tables and explain their roles, configuration, and how they work together.
Subnets✔
🟣What is a Subnet?
A subnet (short for subnetwork) is a segmented piece of a larger network, specifically a VPC (Virtual Private Cloud) in AWS. Subnets allow you to partition your VPC's IP address range into smaller, manageable chunks. This segmentation helps isolate different parts of your infrastructure for security and management purposes.
🟣Types of Subnets
Public Subnet: A subnet that has a route to the internet gateway, allowing instances within it to communicate with the internet.
Private Subnet: A subnet that does not have a route to the internet gateway, restricting instances within it from directly accessing the internet.
🟣Creating Subnets
Open the VPC Dashboard in the AWS Management Console.
Click on Subnets and then Create subnet.
Enter the following details:
Name tag: Enter a name for the subnet.
VPC: Select the VPC in which to create the subnet.
Availability Zone: Choose an Availability Zone for the subnet.
IPv4 CIDR block: Specify a range of IP addresses for the subnet (e.g., 10.0.1.0/24 for a /24 subnet).
Click Create.
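Before entering CIDR blocks in the console, it helps to check the plan offline. The following Python sketch is an added example, not part of the original post: it verifies that each planned subnet sits inside the VPC range, does not overlap another subnet, and falls within AWS size limits. The VPC range, subnet names and ranges are constructed; the /16 to /28 limit and the five reserved addresses per subnet are AWS rules that the post does not mention.

```python
import ipaddress

# AWS rules (not from the post): subnet blocks must be /16 to /28, and five
# addresses per subnet (the first four and the last) are reserved by AWS.
MIN_PREFIX, MAX_PREFIX, AWS_RESERVED = 16, 28, 5

# Constructed plan for illustration; names and ranges are hypothetical.
VPC_CIDR = "10.0.0.0/16"
PLAN = {
    "public-web": "10.0.1.0/24",
    "private-db": "10.0.2.0/24",
    "private-db-b": "10.0.2.128/25",  # overlaps private-db
    "tiny": "10.0.3.0/29",            # smaller than AWS allows
    "stray": "10.1.0.0/24",           # outside the VPC range
}


def validate_subnet_plan(vpc_cidr, plan):
    """Return (usable, errors) for a {name: cidr} subnet plan inside vpc_cidr."""
    vpc = ipaddress.ip_network(vpc_cidr)
    usable, errors, accepted = {}, [], []
    for name, cidr in plan.items():
        try:
            net = ipaddress.ip_network(cidr)  # strict: host bits must be zero
        except ValueError as exc:
            errors.append(f"{name}: invalid CIDR ({exc})")
            continue
        if not MIN_PREFIX <= net.prefixlen <= MAX_PREFIX:
            errors.append(f"{name}: /{net.prefixlen} is outside /16 to /28")
            continue
        if not net.subnet_of(vpc):
            errors.append(f"{name}: {net} is not inside VPC {vpc}")
            continue
        clash = next((n for n, other in accepted if net.overlaps(other)), None)
        if clash:
            errors.append(f"{name}: {net} overlaps {clash}")
            continue
        accepted.append((name, net))
        usable[name] = net.num_addresses - AWS_RESERVED  # hosts you can assign
    return usable, errors


print(validate_subnet_plan(VPC_CIDR, PLAN))
```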
🟣Subnet Use Cases
Public Subnets: Used for resources that need direct access to the internet, such as web servers.
Private Subnets: Used for resources that should not be directly accessible from the internet, such as databases.
Internet Gateways✔
🟡What is an Internet Gateway?
An Internet Gateway is a horizontally scaled, redundant, and highly available VPC component that allows communication between instances in your VPC and the internet. It acts as a bridge, enabling outbound traffic to the internet and inbound traffic from the internet.
🟡Key Characteristics
Highly Available: Internet gateways are redundant and horizontally scaled to meet traffic demands.
Stateful: Internet gateways maintain the state of connections, ensuring return traffic reaches the correct instances.
🟡Creating an Internet Gateway
In the VPC Dashboard, click on Internet Gateways.
Click Create internet gateway.
Enter a name for the internet gateway and click Create internet gateway.
Attach the internet gateway to your VPC by selecting it and clicking Attach to VPC.
🟡Configuring Internet Gateways
Routing: You must update your VPC's route tables to direct internet-bound traffic to the internet gateway.
Security: Ensure your security groups and network ACLs are configured to allow necessary traffic.
Route Tables✔
🟠What is a Route Table?
A route table contains a set of rules, called routes, that determine where network traffic is directed. Each subnet in your VPC must be associated with a route table. A subnet can only be associated with one route table at a time, but multiple subnets can be associated with the same route table.
🟠Types of Routes
Local Route: Automatically added to all route tables, allowing communication within the VPC.
Internet Route: Directs traffic to the internet gateway for external communication.
NAT Gateway Route: Directs traffic to a NAT gateway for internet access from private subnets.
🟠Creating and Configuring Route Tables
In the VPC Dashboard, click on Route Tables.
Click Create route table.
Enter a name for the route table and select the VPC.
Click Create.
To add routes:
Select the route table and click Edit routes.
Add a new route with the destination 0.0.0.0/0 (for all IP addresses) and the target as the internet gateway.
To associate a route table with a subnet:
Select the route table and click Subnet associations.
Choose the subnet(s) you want to associate with the route table and click Save.
🟠Use Cases for Route Tables
Public Subnets: Route tables for public subnets should include a route to the internet gateway.
Private Subnets: Route tables for private subnets should include a route to a NAT gateway if internet access is required for the instances.
Case Study: E-Commerce Platform
💠Scenario: An e-commerce company needs to deploy a scalable web application to handle customer traffic and securely manage product inventory data.
💠Infrastructure Setup:
Public Subnet:
Hosts the application servers (e.g., EC2 instances running web servers like Apache or Nginx).
These servers need to be accessible to customers via the internet.
Private Subnet:
Hosts the database servers (e.g., RDS instances) that store sensitive customer and product data.
These servers do not have direct internet access, ensuring data security.
Internet Gateway:
Provides internet access to the application servers in the public subnet.
NAT Gateway:
Allows database servers in the private subnet to download security patches and updates from the internet.
Route Tables:
Configured to route traffic from the public subnet to the internet via the internet gateway.
Configured to route traffic from the private subnet to the internet via the NAT gateway for outbound connections only.
💠Explanation: This setup ensures that customer-facing web servers can handle user traffic while keeping the database servers secure. The use of a NAT gateway allows the database servers to receive updates without exposing them directly to the internet.
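Whether a subnet is public or private is decided by the route table it actually uses, so a design like this one is worth verifying after it is built. The following Python audit is an added example, not part of the original post: it resolves each subnet's effective route table and flags subnets whose exposure differs from the intended design. The data mimics the shape of `aws ec2 describe-subnets` and `aws ec2 describe-route-tables` output, all IDs are made-up placeholders, and the third subnet (`subnet-cache`) is an assumption added to show the failure mode where an unassociated subnet inherits an internet route from the main route table.

```python
# Constructed sample data shaped like `aws ec2 describe-subnets` and
# `aws ec2 describe-route-tables` output; every ID is a made-up placeholder.
SUBNETS = [{"SubnetId": s, "VpcId": "vpc-shop"}
           for s in ("subnet-web", "subnet-db", "subnet-cache")]
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}
ROUTE_TABLES = [
    # Main table: used by subnet-web and subnet-cache (no explicit association).
    {"RouteTableId": "rtb-main", "VpcId": "vpc-shop", "Associations": [{"Main": True}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                        "GatewayId": "igw-example", "State": "active"}]},
    {"RouteTableId": "rtb-private", "VpcId": "vpc-shop",
     "Associations": [{"Main": False, "SubnetId": "subnet-db"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                        "NatGatewayId": "nat-example", "State": "active"}]},
]
# Intended design (assumption for this example): only the web tier is public.
EXPECTED = {"subnet-web": "public", "subnet-db": "private-nat", "subnet-cache": "isolated"}


def route_kind(rt):
    """Classify a route table by where its active routes can send traffic."""
    routes = [r for r in (rt or {}).get("Routes", []) if r.get("State") == "active"]
    if any(r.get("GatewayId", "").startswith("igw-") for r in routes):
        return "public"
    if any(r.get("NatGatewayId", "").startswith("nat-") for r in routes):
        return "private-nat"
    return "isolated"


def classify_subnets(subnets, route_tables):
    """Resolve each subnet's effective route table, then classify it."""
    explicit, main = {}, {}
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("Main"):
                main[rt["VpcId"]] = rt
            elif "SubnetId" in assoc:
                explicit[assoc["SubnetId"]] = rt
    # A subnet with no explicit association uses its VPC's main route table.
    return {s["SubnetId"]: route_kind(explicit.get(s["SubnetId"]) or main.get(s["VpcId"]))
            for s in subnets}


def audit(subnets, route_tables, expected):
    """Return (subnet, expected, actual) for each subnet that deviates."""
    actual = classify_subnets(subnets, route_tables)
    return [(sid, want, actual.get(sid)) for sid, want in expected.items()
            if actual.get(sid) != want]

print(audit(SUBNETS, ROUTE_TABLES, EXPECTED))
```

A route to the internet gateway is only one condition for reachability: an instance also needs a public IP address, and security groups and network ACLs must allow the traffic, so a "public" finding here marks a subnet to review rather than a confirmed exposure.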
Conclusion💡
Subnets, internet gateways, and route tables are fundamental components of AWS networking. They work together to enable secure, scalable, and flexible network architectures. Understanding and configuring these components correctly ensures your AWS infrastructure meets your application needs and security requirements.
Stay tuned for more AWS insights!!⚜ If you found this blog helpful, share it with your network! 🌐😊
Happy cloud computing! ☁️🚀
Written by
Shailesh