
Troubleshoot Issues with VPC Route Tables

To identify the source of the issue, check the route tables of the subnets with the resources that are impacted.

Public subnets

  1. In the navigation pane, under Subnets, choose your public subnet.
  2. Choose the Route Table view.
  3. Confirm that the route table destination has a default route (0.0.0.0/0 for IPv4 and ::/0 for IPv6) that points to an internet gateway.

Subnets using NAT instances or NAT gateways

  1. In the navigation pane, under Subnets, choose your private subnet.
  2. Choose the Route Table view, and confirm that the route table has a default route that points to a NAT instance or gateway.
  3. Confirm that the NAT device is launched in a public subnet and perform the checks required for public subnets listed in the previous section.
    Note: If you're using a NAT instance, be sure you've disabled the source destination check.
  4. If you configure your Amazon VPC with IPv6, and you want to prevent traffic from the internet routing to your instances in a private subnet, use egress-only internet gateways. For more information about configuring an egress-only internet gateway, see Egress-Only Internet Gateways.

For more information about troubleshooting VPC peering connection issues, see Troubleshooting NAT Gateways.
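
The default-route checks for public and NAT subnets can also be run against the JSON returned by `aws ec2 describe-route-tables`. The script below is an added example, not part of the original article: it resolves the route table a subnet actually uses (falling back to the main table when there is no explicit association) and reports the target and state of each default route. The resource IDs and function names are constructed, and the tables are assumed to belong to a single VPC.

```python
import json

# Constructed sample in the shape returned by `aws ec2 describe-route-tables`.
SAMPLE = json.loads("""
{"RouteTables": [
 {"RouteTableId": "rtb-main", "Associations": [{"Main": true}],
  "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}]},
 {"RouteTableId": "rtb-public", "Associations": [{"Main": false, "SubnetId": "subnet-pub"}],
  "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
             {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example", "State": "active"}]},
 {"RouteTableId": "rtb-private", "Associations": [{"Main": false, "SubnetId": "subnet-priv"}],
  "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example", "State": "blackhole"},
             {"DestinationIpv6CidrBlock": "::/0", "EgressOnlyInternetGatewayId": "eigw-0example",
              "State": "active"}]}
]}
""")

# Route fields that can hold the target of a route.
TARGET_KEYS = ("GatewayId", "NatGatewayId", "InstanceId", "NetworkInterfaceId",
               "EgressOnlyInternetGatewayId", "VpcPeeringConnectionId", "TransitGatewayId")

def effective_table(tables, subnet_id):
    """Return the explicitly associated table, else the VPC's main table."""
    main = None
    for table in tables:
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return table
            if assoc.get("Main"):
                main = table
    return main

def default_routes(tables, subnet_id):
    """Map each default destination to (target, state), or None if no such route."""
    found = {"0.0.0.0/0": None, "::/0": None}
    for route in effective_table(tables, subnet_id)["Routes"]:
        dest = route.get("DestinationCidrBlock") or route.get("DestinationIpv6CidrBlock")
        if dest in found:
            target = next((route[k] for k in TARGET_KEYS if k in route), None)
            found[dest] = (target, route.get("State"))
    return found

if __name__ == "__main__":
    for subnet in ("subnet-pub", "subnet-priv", "subnet-unassociated"):
        print(subnet, default_routes(SAMPLE["RouteTables"], subnet))
```

A `blackhole` state on the NAT route means the target no longer exists, and an `igw-` target on a subnet that is meant to be private means its instances are routable from the internet.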

Subnets using VPC peering connections

  1. In the navigation pane, choose Peering Connections, and choose your peering connection.
  2. Confirm its status is Active.
  3. From the navigation pane, choose Subnets, and choose the subnets of the Amazon VPC that you want to connect using a peering connection.
  4. Choose the Route Tables view, and confirm that they have routes to CIDR with specific subnets or to the entire CIDR of the peered Amazon VPC, including the peering connection noted in step 2.
  5. Confirm that the route tables include all the subnets for the peered Amazon VPC.
    Note: Confirm there are no invalid VPC peering connection configurations.
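
Steps 4 and 5 amount to a CIDR coverage check, which is easy to get wrong by eye when a more specific route overrides the peering route. The script below is an added example, not part of the original article: for each subnet of the peered VPC it finds the longest-prefix route that contains the subnet and reports the subnet if that route is missing, points somewhere other than the peering connection, or is not active. The routes, IDs, CIDRs and function names are constructed, and routes more specific than the peer subnet itself are not considered.

```python
import ipaddress

# Constructed routes of the local subnet's table, in describe-route-tables shape.
ROUTES = [
    {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
    {"DestinationCidrBlock": "172.31.0.0/16", "VpcPeeringConnectionId": "pcx-0example",
     "State": "active"},
    {"DestinationCidrBlock": "172.31.2.0/24", "NetworkInterfaceId": "eni-0example",
     "State": "active"},
    {"DestinationCidrBlock": "172.31.3.0/24", "VpcPeeringConnectionId": "pcx-0example",
     "State": "blackhole"},
]

def route_for(routes, cidr):
    """Return the longest-prefix route whose destination contains the whole CIDR."""
    net = ipaddress.ip_network(cidr)
    best = None
    for route in routes:
        dest = route.get("DestinationCidrBlock")
        if dest is None:  # prefix-list and IPv6 routes are out of scope here
            continue
        dest_net = ipaddress.ip_network(dest)
        if dest_net.version == net.version and net.subnet_of(dest_net):
            if best is None or dest_net.prefixlen > best[0].prefixlen:
                best = (dest_net, route)
    return best[1] if best else None

def peering_gaps(routes, pcx_id, peer_subnet_cidrs):
    """Map each peer subnet that is not reachable over pcx_id to the reason."""
    gaps = {}
    for cidr in peer_subnet_cidrs:
        route = route_for(routes, cidr)
        if route is None:
            gaps[cidr] = "no route"
        elif route.get("VpcPeeringConnectionId") != pcx_id:
            gaps[cidr] = "routed elsewhere"
        elif route.get("State") != "active":
            gaps[cidr] = "route is " + str(route.get("State"))
    return gaps

if __name__ == "__main__":
    peers = ["172.31.0.0/24", "172.31.2.0/24", "172.31.3.0/24", "192.168.5.0/24"]
    print(peering_gaps(ROUTES, "pcx-0example", peers))
```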

Subnets using AWS VPN

  1. In the navigation pane, choose VPN Connections, and then choose the VPN connection.
  2. Confirm that the VPN status is available and at least one of the tunnels' status is UP.
    Note: If you are using a dynamic VPN, be sure that BGP routes are received by AWS VPN. You can enable route propagation to confirm that the BGP routes are being propagated to the virtual private gateway.
  3. Note the virtual private gateway used for this VPN connection.
  4. Choose Subnets from the navigation pane, and select the subnet of the Amazon VPC that you want to connect to the VPN.
  5. Choose the Route Table view, then confirm that the route destination is your network and the target is the virtual private gateway noted in step 4.

Subnets using AWS Direct Connect

  1. In the navigation pane, choose Virtual Interfaces, and then choose the private virtual interface.
  2. Confirm that the BGP status is UP.
  3. Note the virtual private gateway used for the private virtual interface.
  4. In the navigation pane, under Subnets, select the subnets of the Amazon VPC that you want to connect using AWS Direct Connect.
  5. Choose the Route Table view, then confirm that there is a route with the destination of your network and a target of the virtual private gateway as noted in step 4.
    Note: If you are using BGP, be sure that the routes are received by AWS. You can enable route propagation to confirm that the BGP routes are being propagated to the virtual private gateway.

Subnets using gateway VPC endpoints

  1. In the navigation pane, choose Endpoints, and choose the endpoint.
  2. Confirm its status is available, and note the Endpoint ID.
  3. In the navigation pane, under Subnets, select the subnet of the Amazon VPC that you want to connect to an AWS service using an endpoint.
  4. Choose the Route Tables view, then confirm that there is a route added to the route table with a destination that specifies the prefix list ID of the service and a target with the endpoint ID obtained in step 3.
  5. Confirm that the VPC endpoint policy allows communication to an AWS service for the resources in the subnets of your Amazon VPC.

Subnets using virtual interface VPC endpoints

  1. In the navigation pane, choose Endpoints, and choose the endpoint.
  2. Choose the Subnets column, and confirm that an endpoint network interface has been created in the subnet associated with the service you want to connect to.
  3. In the navigation pane, under Endpoints, choose the Policy view.
  4. Confirm that the security group is allowing access to the AWS service.

For more information on troubleshooting Interface VPC endpoints, see Interface VPC Endpoints.
