It works somewhat, but not exactly...
In a private subnet instance I can telnet to google.com 443 and connect, but when I traceroute from there it doesn't work.
```
[ec2-user@ip-173-80-8-231 ~]$ systemctl status snat
● snat.service - SNAT via ENI eth1
   Loaded: loaded (/etc/systemd/system/snat.service; enabled; vendor preset: disabled)
   Active: inactive (dead) since Thu 2022-02-17 05:18:20 UTC; 3min 58s ago
  Process: 2438 ExecStart=/opt/nat/snat.sh (code=exited, status=0/SUCCESS)
 Main PID: 2438 (code=exited, status=0/SUCCESS)

Feb 17 05:18:12 ip-173-80-8-231.ap-east-1.compute.internal snat.sh[2438]: + sysctl -q -w net.ipv4.conf.eth1.send_redirects=0
Feb 17 05:18:12 ip-173-80-8-231.ap-east-1.compute.internal snat.sh[2438]: + iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
Feb 17 05:18:13 ip-173-80-8-231.ap-east-1.compute.internal snat.sh[2438]: + rm -f /etc/sysconfig/network-scripts/ifcfg-eth0
Feb 17 05:18:13 ip-173-80-8-231.ap-east-1.compute.internal snat.sh[2438]: + ip route del default dev eth0
Feb 17 05:18:13 ip-173-80-8-231.ap-east-1.compute.internal snat.sh[2438]: + curl --retry 10 http://www.example.com
Feb 17 05:18:13 ip-173-80-8-231.ap-east-1.compute.internal snat.sh[2438]: % Total % Received % Xferd Average Speed Time Time Time Current
Feb 17 05:18:13 ip-173-80-8-231.ap-east-1.compute.internal snat.sh[2438]: Dload Upload Total Spent Left Speed
Feb 17 05:18:13 ip-173-80-8-231.ap-east-1.compute.internal snat.sh[2438]: 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:--...erver
Feb 17 05:18:13 ip-173-80-8-231.ap-east-1.compute.internal snat.sh[2438]: + systemctl restart amazon-ssm-agent.service
Feb 17 05:18:20 ip-173-80-8-231.ap-east-1.compute.internal systemd[1]: Started SNAT via ENI eth1.
Hint: Some lines were ellipsized, use -l to show in full.
```
When I check the NAT instance I get the below,
but I do have internet access from the subnet.