1
00:00:06,574 --> 00:00:09,942
- So here, let's review a demo of routing

2
00:00:09,942 --> 00:00:12,427
our subnets to the Internet.

3
00:00:12,427 --> 00:00:14,614
Again, back in the console,

4
00:00:14,614 --> 00:00:18,390
I'm going to make sure that we are filtered by the VPC

5
00:00:18,390 --> 00:00:22,557
that we're working with, in this case the 10.2 slash 16.

6
00:00:24,090 --> 00:00:27,813
From here, I'm going to go to my Route Tables.

7
00:00:27,813 --> 00:00:31,735
And you will see that we have one route table.

8
00:00:31,735 --> 00:00:35,573
This is what we call the main or the default route table.

9
00:00:35,573 --> 00:00:39,931
You'll notice that it is, where we say subnet associations,

10
00:00:39,931 --> 00:00:43,176
it says zero subnets are explicitly associated.

11
00:00:43,176 --> 00:00:47,043
That means that these particular subnets,

12
00:00:47,043 --> 00:00:51,231
because they don't have a route table directly associated,

13
00:00:51,231 --> 00:00:54,227
that they are falling back to this route table

14
00:00:54,227 --> 00:00:55,644
as their default.

15
00:00:57,373 --> 00:01:00,323
That's what makes this the main route table.

16
00:01:00,323 --> 00:01:02,103
So, what I want to do,

17
00:01:02,103 --> 00:01:04,770
if you'll notice here that the route that we have is local,

18
00:01:04,770 --> 00:01:08,113
and what I like to do is keep the main route table,

19
00:01:08,113 --> 00:01:11,463
the fallback route table private,

20
00:01:11,463 --> 00:01:14,461
so that we don't end up inadvertently giving

21
00:01:14,461 --> 00:01:19,427
public internet access to subnets without realizing it.

22
00:01:19,427 --> 00:01:22,084
So, the first thing that I want to do is,

23
00:01:22,084 --> 00:01:24,720
I'm going to create a new route table

24
00:01:24,720 --> 00:01:29,053
and I'm going to call this one "public traffic."

25
00:01:29,053 --> 00:01:31,256
And again I want to make sure that we're using

26
00:01:31,256 --> 00:01:35,423
the right VPC here, not the default, but our 10.2.

27
00:01:39,964 --> 00:01:41,964
Wait for that to create.

28
00:01:43,998 --> 00:01:47,295
So, now we have our public traffic route table.

29
00:01:47,295 --> 00:01:51,072
You can see that it is not considered the main route table,

30
00:01:51,072 --> 00:01:54,986
and again it doesn't have any explicit associations.

31
00:01:54,986 --> 00:01:57,987
But we do want to associate this route table

32
00:01:57,987 --> 00:02:01,039
with our two subnets that we created

33
00:02:01,039 --> 00:02:03,352
that are meant to be public.

34
00:02:03,352 --> 00:02:06,680
So I'm going to edit that and make sure that

35
00:02:06,680 --> 00:02:09,154
this particular route table for public traffic

36
00:02:09,154 --> 00:02:12,859
is associated with those two subnets.

37
00:02:12,859 --> 00:02:15,109
And I'm going to save that.

38
00:02:18,455 --> 00:02:20,792
And there we go, now you can see that

39
00:02:20,792 --> 00:02:23,618
this particular route table is explicitly associated

40
00:02:23,618 --> 00:02:25,342
with these two subnets.

41
00:02:25,342 --> 00:02:29,284
That means that those two subnets will use whatever routes

42
00:02:29,284 --> 00:02:32,644
we specify here in this route table.

43
00:02:32,644 --> 00:02:35,518
So, we have our route tables attached.

44
00:02:35,518 --> 00:02:38,849
Now, in order to get traffic to and from the internet,

45
00:02:38,849 --> 00:02:42,477
one more thing that we need is an internet gateway.

46
00:02:42,477 --> 00:02:44,819
And we don't have any for this VPC yet,

47
00:02:44,819 --> 00:02:46,914
so I'm going to create one.

48
00:02:46,914 --> 00:02:51,081
Again I'm going to call this one, atobs live lessons.

49
00:02:55,314 --> 00:02:59,314
Sometimes it takes a second for that to show up.

50
00:03:00,330 --> 00:03:03,610
There we go, so what we needed to do was undo our filter,

51
00:03:03,610 --> 00:03:08,267
because this internet gateway is not attached to a VPC yet.

52
00:03:08,267 --> 00:03:11,361
So, I'm going to highlight that

53
00:03:11,361 --> 00:03:15,786
and I'm going to attach that internet gateway

54
00:03:15,786 --> 00:03:20,373
to the appropriate VPC, in this case, the 10.2.

55
00:03:20,373 --> 00:03:23,272
I'm going to go ahead and click yes, attach.

56
00:03:23,272 --> 00:03:25,489
And now you can see that,

57
00:03:25,489 --> 00:03:28,268
not only do we need to create the internet gateway,

58
00:03:28,268 --> 00:03:32,179
but we also have to associate it or attach it to a VPC.

59
00:03:32,179 --> 00:03:36,421
Now that that internet gateway is available to our VPC,

60
00:03:36,421 --> 00:03:39,452
we can go back to our route tables.

61
00:03:39,452 --> 00:03:41,952
I'm gonna again filter by VPC.

62
00:03:44,215 --> 00:03:47,833
I'm going to choose this public traffic route table.

63
00:03:47,833 --> 00:03:50,753
And you can see that we only have local traffic.

64
00:03:50,753 --> 00:03:54,500
I'm going to edit that, add another route.

65
00:03:54,500 --> 00:03:58,083
And in this case, I want to say all zeroes.

66
00:04:00,234 --> 00:04:02,874
And you can see here, just by clicking in there,

67
00:04:02,874 --> 00:04:05,592
gives me the option to choose the internet gateway

68
00:04:05,592 --> 00:04:06,863
that we just created.

69
00:04:06,863 --> 00:04:10,098
So this particular route says that essentially

70
00:04:10,098 --> 00:04:14,265
all other traffic should be routed to the internet gateway.

71
00:04:15,718 --> 00:04:17,885
So I'm going to save that.

72
00:04:19,007 --> 00:04:21,971
Now there is one more thing that we need to ensure.

73
00:04:21,971 --> 00:04:23,899
In order for virtual machines

74
00:04:23,899 --> 00:04:26,875
within these public subnets here,

75
00:04:26,875 --> 00:04:29,819
to actually communicate with the internet,

76
00:04:29,819 --> 00:04:34,344
they need the internet gateway to be attached to the VPC.

77
00:04:34,344 --> 00:04:37,439
They need a route table and a route entry

78
00:04:37,439 --> 00:04:39,795
that actually says traffic can flow.

79
00:04:39,795 --> 00:04:41,691
You can see here

80
00:04:41,691 --> 00:04:45,529
that we have that route entry and that route table.

81
00:04:45,529 --> 00:04:49,198
The other thing that they need is a public IP address.

82
00:04:49,198 --> 00:04:50,948
Now, we can get that.

83
00:04:55,801 --> 00:05:00,121
Here we can say modify auto-assign public IP.

84
00:05:00,121 --> 00:05:02,475
And I'm going to check that,

85
00:05:02,475 --> 00:05:06,821
so that when we launch EC2 virtual machines,

86
00:05:06,821 --> 00:05:11,527
or EC2 instances as we call them, into that subnet,

87
00:05:11,527 --> 00:05:13,944
we can choose for that EC2 instance

88
00:05:13,944 --> 00:05:16,694
to automatically get a public IP.

89
00:05:17,958 --> 00:05:19,590
If you don't do that,

90
00:05:19,590 --> 00:05:23,863
if you end up launching an EC2 instance without a public IP,

91
00:05:23,863 --> 00:05:26,880
it will not be able to communicate with the internet.

92
00:05:26,880 --> 00:05:29,997
So I'm going to do the same thing here on the other subnet.

93
00:05:29,997 --> 00:05:32,278
Again I'm going to modify that,

94
00:05:32,278 --> 00:05:35,280
enable auto assign public IP.

95
00:05:35,280 --> 00:05:36,812
And hit save.

96
00:05:36,812 --> 00:05:41,103
And that way, any EC2 instances that are launched

97
00:05:41,103 --> 00:05:44,071
into those subnets will receive a public IP

98
00:05:44,071 --> 00:05:46,029
and their traffic will be routed

99
00:05:46,029 --> 00:05:49,835
through the internet gateway to and from the internet.

100
00:05:49,835 --> 00:05:53,717
And that is how we route traffic to the internet

101
00:05:53,717 --> 00:05:56,134
in AWS Virtual Private Cloud.