Azure for AWS professionals - Networking - AWS - 03 Route Tables@20aman Oct 02, 2019
Note that this post is a part of the series. You can view all posts in this series here: Azure for AWS professionals - Index
A Route Table is just as the name suggests, it is a table consisting of the routes. This determines how the traffic is routed between the subnets and even out of the virtual network. Each entry in this table is called a "route". When you create a VPC, one main route table is automatically created for your VPC and is associated with the subnet of the VPC. You can create custom route tables. E.g. you may want to send all traffic to a network virtual appliance i.e. a firewall. You may have Palo Alto or CheckPoint or any other firewall in your environment and you want the traffic to route via that firewall. You can achieve this via route tables.
To start, navigate to your VPC section in AWS. Then from the left menu, click on the "Route Tables" option. You can create a new table here as well by clicking on the "Create route table" button. For now, we will work with an existing route table on our VPC. Select the route table that you want to view the details or edit.
At the bottom panel, you will be able to view the following settings for the selected route table:
- Subnet Associations
- Edge Associations
- Route Propagation
You can also either right-click on your route table or click on the Actions button to view the options related to this route table. Two options that we are interested in are:
- Edit subnet associations
- Edit routes
Under the "Edit subnet associations" section, you can view the currently associated subnets. You can also link other subnets to the selected route table.
Under the Edit routes option, you can edit the current routes and can also add new routes to the route table. A single route simply defines a Destination, Target, Status and Propagated. The destination is where the traffic (that originated in your subnet) is headed. A destination of "0.0.0.0/0" means all traffic. Note that all zeros i.e. all traffic-related route should be the last one. These routes are evaluated in order.
If the traffic is destined for an IP address that is defined by 1st rule, then it will be sent to the device defined by the Target value of the route. The value "local" for the Target means to allow the traffic and keep it local, instead of sending anywhere else. You can also send the traffic to virtual appliances and gateways here.
Routes tables are very powerful in determining how the traffic will flow in your environment and should be designed appropriately and tested thoroughly.