AWS Certified Cloud Practitioner (CLF-C02)
-
On the video regarding "Popular Networking Services" at 11:33 into the video. The public subnet is assigned a private IP address. Wouldn't a public subnet be assigned a public IP address per device?
-
Hey @Daniel-Engelkes, great question. See the following AWS documentation for IP Addressing in VPCs: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-ip-addressing.html
-
In addition to the great link from Wes - realize that in most AWS network designs, "public" subnet references a VPC subnet that permits external access (through a firewall). These "public" subnets are addresses privately since an Internet Gateway provides IP connectivity.
-
@Anthony-Sequeira-0 Thank you, I am going to put on my CCNA Hat. So when the Internet Gateway provides the Public IP connectivity is that done using some form of NAT or PAT?
-
@wes-bryan Thank you for responding, so the public subnet is provided a private IP address for internal communication but the Internet Gateway provide the Public IP using NAT from what I have read in the documentation but how is NAT Implemented? When I took CCNA Prep courses they discuss Static NAT, Dynamic NAT and PAT as forms of implementation.
-
Hi Daniel! Yes - you are correct. One of the great things about the cloud (and AWS) is that many of these processes are automated and seamless. The Internet Gateway is handling the translations that are required. NOTE: When you have resources in the public subnet that truly need a static public address - we can use AWS Elastic IP addresses for this purpose. These are public IP addresses that we pay for while we are using them in our topology.
-
@Anthony-Sequeira-0 Thank you, so any devices or service in the public subnet would require a one to one mapping for Static Nat. I am trying to understand the underlying technology that makes the system work.
-
We don't really know what AWS is doing behind the scenes for our NAT - it just works! For companies that do want to precisely control how the NAT functions, AWS does offer various solutions for NAT. Most customers, however, LOVE the fact that they do not have to worry about the configuration of Network Address Translation.
