AWS - VPC Demo, Public & Private Subnets, Route Tables, Internet & NAT Gateways

Captions
Hello guys, welcome to Knowledge India. In this tutorial we are going to talk about Virtual Private Cloud, VPC, which is one of the most fundamental topics of AWS. Okay, so what I want to do is I'll go ahead and build a VPC from scratch and I will try to cover the different aspects of it so that you understand how it works. Okay, fine, so let us get started. I'll switch to a particular region, let us say N. California. Okay, so you can see AWS recently changed the whole UI; now, because there are a lot of services, you can go ahead and just search for it or click on that. Now the VPC dashboard comes up and we will see that there is one VPC already there, which is the default VPC. AWS gives you a default VPC in every region. It is just for the purpose that when you are getting started and you don't know how to create a VPC, there is one ready for you by default; you can go ahead and just quickly create EC2 instances in that particular VPC. But do not use this default VPC for your customer deployments, so our intention is to learn how to create a VPC.

All right, so let us go and click on Your VPCs. I'll say Create. Now I can go ahead and give it a name; I call it MyVPC, and I need to give a CIDR block, so I am giving 10.0.0.0/26. I am keeping the tenancy to default. There's another tenancy available as well, dedicated. If you choose dedicated then you will be able to launch only dedicated instances or dedicated host instances in this particular VPC; we don't want to do that. So if you are choosing default then you can launch all three types of EC2 instances within that, which are shared, dedicated instances and dedicated hosts. I'm going to keep it default and move forward. I hope you understand what this particular CIDR block means. It represents a range of IP addresses. If we want to understand how to calculate that, I can explain that to you. So if you see a range of IP addresses like this, it represents a range where the start would be whatever you see before the slash, and in order to find out how many IP addresses are there in this range it is a simple calculation where you do 2 to the power of (32 minus the number which is after the slash), like this. So that becomes 2 to the power of 6, right, which is equal to 64. So we have 64 IP addresses in this range, starting at 10.0.0.0, and this is going to be simple, right? So we have totally 64 IP addresses in this particular CIDR, and what we are going to do is we will divide it into four subnets, right, of 16 IP addresses each. Okay, fine, so we'll go ahead and do that. Okay, so the VPC is created.

Next we go ahead and divide this VPC into subnets. Right now, understand that a VPC exists in a particular region; you did not give any availability zone there. One VPC cannot span across regions. So I've created this particular VPC in the N. California region. I go further, and now I go to the subnets. So these are the two subnets which are there for the default VPC. I will go ahead and say Create Subnet. I'll give it a name; I'm going to call it private A because I will be creating it in availability zone A, and I'll choose my VPC, and now we need to give it a range of IP addresses, basically in the CIDR format. So I already told you that I am going to divide these 64 IP addresses into four blocks, basically into four subnets of 16 IP addresses. So I'm going to put it like this: 10.0.0.0/28. 2 to the power of 32 minus 28 is 2 to the power 4, which is 16, so that makes sense. This particular one will start from 0 and end at 15. Okay, all right, I can just filter so that we see only the ones which we are creating now. Okay, create one more private one, and this time the availability zone will be, sorry, I'll call it private C. Let's write 10.0.0.16/28. So the first one was there up to 15, so the second one starts from 16, and we put it like this. Okay, so following the principle of high availability we are creating two subnets private and two subnets public, both in different availability zones. All right, let's go ahead and create two public subnets as well in the same manner, this time 10.0.0.32/28. So the second one ended at 31, so this one is starting at 32 and this one will end at 47, and the next one will start at 48. All right, public A, sorry, public C. Right, so with this all our four subnets will get created.

Now remember, if you try to give a CIDR block which is conflicting, meaning if you try to give a range which is already used, then it will give you an error here itself. Basically, subnets cannot clash in terms of IP addresses, right? Okay, now you can see we have four subnets created here; you can see the availability zone as well. Now something to remember: we have divided it into four subnets of 16 IP addresses, but the available IP addresses are only 11 in all. This is because whenever you create a subnet on AWS, 5 IP addresses are reserved or kept for internal usage which will not be available to you. So what are those five IP addresses? In every subnet, the first 4 and the last one IP address, right? So those 5 IP addresses would not be available to you.

All right, now we move to the next important thing, which is route tables. Now as you can see you have one route table available with your VPC which you have created. With any VPC you create, one route table gets created by default, and that is called the main route table of your VPC; you see the Main attribute as Yes. Okay, I'll go ahead and just rename it for our convenience; I am going to call it, say, public RT. Oops, sorry. Okay, I will also create one more route table, so this is going to be a custom route table; I'm going to call it private RT. Now, why am I creating one public and one private? The public route table is going to get associated to the public subnets and the private one to the private subnets. So you can see currently none of them are associated to anything explicitly. So it is also important to understand that if there is no route table explicitly associated to a subnet, the main route table of that VPC will be used for the subnet. So if I don't go and do any explicit association, automatically the main route table, this one, will be used for all the subnets. But we will go ahead and do the explicit association now. All right, so let us go ahead and do that. We can just do it here: go to Subnet Associations, click Edit. So this one is private, associated with both the private ones. Once I save, you will see the number changing here too. All right, so this is done. We choose the second one and we do the same here; now it is associated with both public ones. Okay. So remember that one subnet can have only one route table, meaning one subnet can have only one route table associated to it, but one route table can be associated to multiple subnets; that is possible, we did it just now. So both route tables you see are associated to two subnets. Right, okay.

Now we need to go and do some change here, because currently if you look at the routes in both of our route tables it is the same, so there's no difference now. Now you need to make the two subnets public. How? When is a subnet considered public? When there is a route available in the associated route table to the Internet gateway. Now the Internet gateway is the entity which allows connectivity from your VPC to the outside internet. So I'm just creating one, and it is a managed service; you don't have to worry about its scalability, availability, nothing, you don't have to worry about it. I have created it. Now I need to attach it to my VPC. See, there only MyVPC is coming in the drop-down; that is because only one Internet gateway can be attached to a VPC. You cannot attach n number of them; technically that is because it is already scalable. Okay, so we go back and we use the public route table, go to Edit the routes, and we add one route. Now we will send all the internet-bound traffic from this particular subnet; you see here the IGW started coming, and we save this. All right, so we have accomplished our public route table, and it is attached to the two subnets already, which means now both of these subnets have actually become public subnets. Great.

So one more thing which we want to do is, we come to NAT gateways. Now what is the importance of a NAT gateway? First of all, let us just get it created. You need to keep a NAT gateway in the public subnet, always remember. So we'll choose one of the public subnets, and you need to give it an IP address. Okay, I gave that. Then you go ahead and edit the route tables: go to the private one, go to the routes, say Edit, and anything which is internet-bound traffic, that we will send to the NAT gateway. We do this and we save. All right, so both our route tables are ready and the association is done. We have created an Internet gateway, we have created a NAT gateway as well. Let us quickly understand what is the use of the Internet gateway and the NAT gateway. The NAT gateway helps all the outbound, all the internet-bound traffic which is getting originated from your private instances, to go to the Internet, and then it gets the reply from the Internet and gives it to your private instance. Let's say in your private subnet you've got a database server, and the database needs to download some DB-level or OS-level patches from the internet. So it will originate traffic to the Internet, and because private instances are not going to have a public IP, they can never communicate directly to the Internet. It sends traffic first to the NAT gateway, and the NAT gateway sends it to the Internet, gets the reply back and gives it to the private instance. It just acts as a forward proxy, as you know you people have in your organization. Now the NAT gateway is also a managed service, so you do not have to worry about its availability and scalability at all. Whenever traffic increases it will scale automatically; you don't have to worry about it. And we had chosen and placed it in the public subnet, this particular public subnet; that's where you see one IP address got reduced, because the NAT gateway is using one of the private IPs as well, of course.

All right, so we have all this done. So this is how you can create a VPC, you can divide it into subnets, you can size it in the way you want. I have kept it simple here; based on your needs you can choose different sizes, you can probably keep public subnets much smaller and private subnets bigger, and then place your instances within that. A few quick settings here: we'll go ahead, and for the public subnets we will change one property, which is Modify auto-assign public IP; we'll make it true, which means this property will be shown when you are launching instances in this particular subnet. So we want that when instances are being launched in the public subnet they should get a public IP; that's why we are making this particular property true. And at the VPC level you can go and select your VPC, you can go ahead and select Edit DNS Resolution; this is yes already, so it is good. You can also do Edit DNS Hostnames so that the instances launched in this particular VPC get a private hostname as well. All right, so I think we are good with that. I will end this tutorial here. If you have any questions related to VPC please go ahead and write it in the comment section. You can subscribe and like this and share this. In another video I will go ahead and launch instances and will show you how it works between public and private instances. All right, thank you, have a great time, bye bye.
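The CIDR arithmetic, the four /28 subnets, the five addresses AWS reserves in each subnet, the overlap check the console performs, and the "a subnet is public when its route table has a default route to an Internet gateway" rule from the walkthrough, as an added worked example that is not from the video or its channel. It assumes only Python's standard ipaddress module; the 10.0.0.0/26 plan is the one used above, and the igw-/nat- ids in the route examples are constructed placeholders.

```python
import ipaddress

# AWS reserves 5 addresses in every subnet: the network address, the VPC
# router (+1), Amazon DNS (+2), one kept for future use (+3) and the
# broadcast address (the last one). Instances never receive these.
AWS_RESERVED_PER_SUBNET = 5

def plan_subnets(vpc_cidr, subnet_prefix, names):
    """Carve vpc_cidr into equal /subnet_prefix blocks, one per name."""
    vpc = ipaddress.ip_network(vpc_cidr)
    blocks = list(vpc.subnets(new_prefix=subnet_prefix))
    if len(names) > len(blocks):
        raise ValueError(f"{vpc_cidr} yields only {len(blocks)} /{subnet_prefix} subnets")
    plan = []
    for name, net in zip(names, blocks):
        addrs = list(net)                      # all 2**(32 - prefix) addresses
        plan.append({
            "name": name,
            "cidr": str(net),
            "total": net.num_addresses,        # 2**(32 - prefix)
            "usable": net.num_addresses - AWS_RESERVED_PER_SUBNET,
            "reserved": [str(a) for a in addrs[:4] + addrs[-1:]],  # first 4 + last
            "first_usable": str(addrs[4]),
            "last_usable": str(addrs[-2]),
        })
    return plan

def overlapping(cidrs):
    """Pairs of CIDRs that clash; the console rejects such a subnet."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    return [(str(a), str(b)) for i, a in enumerate(nets)
            for b in nets[i + 1:] if a.overlaps(b)]

def subnet_kind(routes):
    """'public' if the default route targets an Internet gateway,
    'private' if it targets a NAT gateway, otherwise 'isolated'."""
    default = ipaddress.ip_network("0.0.0.0/0")
    for dest, target in routes:                # (destination CIDR, target id)
        if ipaddress.ip_network(dest) == default:
            if target.startswith("igw-"):
                return "public"
            if target.startswith("nat-"):
                return "private"
    return "isolated"

if __name__ == "__main__":
    names = ["private-a", "private-c", "public-a", "public-c"]
    for s in plan_subnets("10.0.0.0/26", 28, names):
        print(f"{s['name']:10} {s['cidr']:15} usable={s['usable']} "
              f"({s['first_usable']} .. {s['last_usable']})")
```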
Info
Channel: knowledgeindia AWS Azure GCP tutorials
Views: 432,965
Keywords: aws, vpc, route table, public subnet, private subnet, internet gateway, NAT gateway
Id: tD9vDv0uyI8
Length: 14min 46sec (886 seconds)
Published: Sat Dec 10 2016