How to connect to outside world from amazon vpc?

amazon-ec2 amazon-web-services connectivity vpc amazon-vpc
Andrey Regentov picture Andrey Regentov · Apr 20, 2012 · Viewed 66k times · Source

I have amazon VPC set through wizard as "public only network", so all my instances are in public subnet.

Instances within VPC that have Elastic IP assigned connect to internet without any troubles.

But instances without elastic IP can't connect anywhere.

Internet gateway is present. Route table in aws console looks like

Destination Target 
10.0.0.0/16 local
0.0.0.0/0   igw-nnnnn

and route from inside instance shows

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.0.0        *               255.255.255.0   U     0      0        0 eth0
default         10.0.0.1        0.0.0.0         UG    100    0        0 eth0

I tried to open ALL inbound and outbound traffic to 0.0.0.0/0 in security group that an instance belongs to. Still no success.

~$ ping google.com
PING google.com (74.125.224.36) 56(84) bytes of data.
^C
--- google.com ping statistics ---
6 packets transmitted, 0 received, 100% packet loss, time 5017ms

What else can I do?

Answer

Andrey Regentov picture Andrey Regentov · May 15, 2012

It appears that the only way to get outside from instances that don't have Elastic IP is:

  • add a NAT (Launch an extra m1.small instance from ami-vpc-nat-beta) and assign EIP to it
  • Create an extra subnet which will be "private"
  • Move non-EIP-instances to that private subnet
  • Modify route tables: 0.0.0.0/0 from the private subnet should go to NAT

So, just adding NAT is not enough. Instances should be stopped and moved to another IP from another subnet.

Related questions

Permission denied (publickey) when SSH Access to Amazon EC2 instance

I want to use my Amazon ec2 instance but faced the following error: Permission denied (publickey). I have created my key pair and downloaded .pem file. Given: chmod 600 pem file. Then, this command ssh -i /home/kashif/serverkey.pem ubuntu@…

Read More
Trying to SSH into an Amazon Ec2 instance - permission error

This is probably a stupidly simple question to some :) I've created a new linux instance on Amazon EC2, and as part of that downloaded the .pem file to allow me to SSH in. When I tried to ssh with: ssh …

Read More
Change key pair for ec2 instance

How do I change the key pair for my ec2 instance in AWS management console? I can stop the instance, I can create new key pair, but I don't see any link to modify the instance's key pair.

Read More