Open satish8450 opened 4 months ago
TRANSIT-GATEWAY
With VPC peering we can connect 2 or 3 VPCs. For example, if a region has 100+ VPCs, how can one VPC communicate with the remaining 99 VPCs? That is not possible, right? For this we would need to edit the route tables of 99 VPCs.
For example, if we are in VPC1 and want to connect to VPC10, the transit gateway allows the connection between only these two VPCs, without disturbing the other VPCs.
Note: A TG is region-specific; it does not allow connections to other regions.
Setup:
Create two VPCs within the same region, each set up as follows:
1. VPC1: Subnet1; IGW1 attached to the VPC; RT1 associated with the subnet, with a route edited to allow all access; SG1
2. VPC2: Subnet2; IGW2 attached to the VPC; RT2 associated with the subnet, with a route edited to allow all access; SG2
Launch servers
Create Transit Gateway --> configure the transit gateway with the defaults.
Create 2 transit gateway attachments, one attached to each VPC, with Transit gateway ID: the TG ID created above.
Go to RT1 and edit routes with the VPC2 IP address, target Transit Gateway (Attachment1).
Go to RT2 and edit routes with the VPC1 IP address, target Transit Gateway (Attachment2).
Connection established between Server1 <===> Server2. In the same way we can integrate any number of servers.
NAT-GATEWAY
NAT (Network Addressing Transmission)
NAT is used to get access for private-subnet applications, e.g. database servers.
If we ping something from the database server, the request first goes to the public server through the internet, and the response is validated by NAT.
Setup:
Create one VPC with some CIDR range.
Create 1 public subnet and 1 private subnet:
PublicSubnet = the subnet that has an IGW with a route table (subnet association) --> internet access allowed
PrivateSubnet = no internet access; we will associate it with the NAT RT (backward connection)
Launch two servers, one in the public subnet and one in the private subnet.
We are able to connect to the public-subnet server because we have enabled internet access; we cannot connect to the private-subnet server.
But if we ping the private IP address of the private server, we are able to get a ping response.
How to connect from the public server to the private server: log in to the public server and execute the command below:
ssh -i pem.key ec2-user@<private IP of private server>
Note: pem.key is the file that holds the key pair; copy it from the local machine. https://www.youtube.com/watch?v=ItnY0AkSNxo
Here we need to establish two connections: backward and forward.
Forward connection: create a NAT gateway (in the PUBLIC SUBNET) with an Elastic IP.
Backward connection: create an RT and associate this RT with the private subnet; edit routes with the NAT gateway as target, allow all.
The main purpose of a NAT gateway is to give the private subnet internet access through the public subnet.
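The route-table edits in both setups above, as an added example that is not part of the original post: a small offline model of VPC route lookup, where the most specific matching route decides the target. It shows why RT1 and RT2 both need a transit gateway route, and how the private subnet's default route reaches the NAT gateway. All CIDRs, IP addresses and target labels (`tgw`, `igw1`, `nat`, ...) are constructed for illustration; security groups are not modelled.

```python
import ipaddress

def next_hop(route_table, dst_ip):
    """Target of the most specific (longest-prefix) route matching dst_ip, else None."""
    ip = ipaddress.ip_address(dst_ip)
    matches = [(ipaddress.ip_network(cidr), target)
               for cidr, target in route_table.items()
               if ip in ipaddress.ip_network(cidr)]
    if not matches:
        return None  # no matching route: the packet is dropped
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def tgw_reachable(rt_a, ip_a, rt_b, ip_b, tgw="tgw"):
    """Both directions must resolve to the transit gateway, or replies are lost."""
    return next_hop(rt_a, ip_b) == tgw and next_hop(rt_b, ip_a) == tgw

# Constructed sample data (assumed CIDRs: VPC1 10.1.0.0/16, VPC2 10.2.0.0/16).
RT1 = {"10.1.0.0/16": "local", "10.2.0.0/16": "tgw", "0.0.0.0/0": "igw1"}
RT2 = {"10.2.0.0/16": "local", "10.1.0.0/16": "tgw", "0.0.0.0/0": "igw2"}
# RT2 without the return route to VPC1: replies fall through to the IGW default.
RT2_MISSING_RETURN = {"10.2.0.0/16": "local", "0.0.0.0/0": "igw2"}

# NAT setup: one VPC (assumed 10.3.0.0/16) with a public and a private subnet.
RT_PUBLIC = {"10.3.0.0/16": "local", "0.0.0.0/0": "igw"}
RT_PRIVATE = {"10.3.0.0/16": "local", "0.0.0.0/0": "nat"}

SERVER1, SERVER2 = "10.1.0.10", "10.2.0.10"
INTERNET_HOST = "203.0.113.10"  # documentation-range address, constructed

if __name__ == "__main__":
    print("Server1 -> Server2 via:", next_hop(RT1, SERVER2))
    print("Both routes present:", tgw_reachable(RT1, SERVER1, RT2, SERVER2))
    print("Return route missing:",
          tgw_reachable(RT1, SERVER1, RT2_MISSING_RETURN, SERVER2))
    print("Private subnet -> internet via:", next_hop(RT_PRIVATE, INTERNET_HOST))
    print("Private subnet -> same VPC via:", next_hop(RT_PRIVATE, "10.3.0.5"))
```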