NLB for Instances in Private Subnet

I am trying to place two instances in private subnets in two different AZs, and put NLB in public subnets and allow NLB to work for private instances. I notice NLB doesn't have SGs tied to them and my instances have an allow all SG on them. The health checks fail on the TGs and I cant seem to figure out why. Is there a trick to this? I also have NAT gateways in each Private subnet with EIPs attached to them.

주제

네트워킹 및 콘텐츠 전송

태그

탄력적 로드 밸런싱

언어

English

stevenjwilliams0728

질문됨 2년 전972회 조회

3개 답변

최신
최다 투표
가장 많은 댓글

이 답변이 도움이 되었나요?커뮤니티가 여러분의 지식을 활용할 수 있도록 정답을 찬성하세요.

My SGs on my instances are completely wide open. Do I even need NAT Gateways?

stevenjwilliams0728

답변함 2년 전

Tushar_J 전문가
2년 전
You would need NAT gateways only if you need connectivity to the internet from instances in private subnets.

Have you checked the NACLs also as mentioned here

Also what TCP/UDP port your application is running on? Perhaps check if that application is running, for example if the target is a Linux instance run netstat -an | grep <Port number>

전문가

Tushar_J

답변함 2년 전

Hi - I think a similar discussions and pointers here may help you. https://repost.aws/questions/QUuueXAi20QuisbkOhinnbzQ/aws-nlb-security-group

전문가

AWS-User-Nitin

답변함 2년 전

NLB for Instances in Private Subnet

관련 콘텐츠