- Le plus récent
- Le plus de votes
- La plupart des commentaires
See this blog which walks you through on how to use VPC flow-logs with additional Meta-Data:
https://aws.amazon.com/blogs/aws/learn-from-your-vpc-flow-logs-with-additional-meta-data/
When you create a new VPC Flow Log, in addition to existing fields, you can now choose to add the following meta-data:
pkt-srcaddr : the packet-level IP address of the source. You typically use this field in conjunction with srcaddr to distinguish between the IP address of an intermediate layer through which traffic flows, such as a NAT gateway.
pkt-dstaddr : the packet-level destination IP address, similar to the previous one, but for destination IP addresses.
You could also take a look at the CloudWatch metrics that the NAT gateway is sending to see if it is active.
NAT GW will be in the Public subnet of this VPC. Check the private subnet in that VPC, then check the routes and find out if the internet access (usually 0.0.0.0/0)is pointed to NAT-abc. If the route is present then the instances in the private subnet is using this NAT to communicate outside.
Contenus pertinents
- demandé il y a un an
- demandé il y a 2 mois
- demandé il y a un an
- demandé il y a 7 mois
AWS OFFICIELA mis à jour il y a 2 ans- AWS OFFICIELA mis à jour il y a 7 mois
- AWS OFFICIELA mis à jour il y a 2 ans
