Subnet Route table edge associations error


Hello,

I'm trying to set up an edge association in the subnet route table where I have inbound/outbound traffic to my appliance. I already have routes like 0.0.0.0/0 to the NAT gateway for outbound internet access, and I'm adding an edge association to the IGW so that inbound traffic from the internet can reach the appliance. Is there any documentation about the rules for edge associations?

Error message: have igw-xxx1234 - Route table contains unsupported route destination. The unsupported route destination is less specific than or non-overlapping with VPC local CIDR.

asked 5 months ago, 397 views
2 Answers

You cannot associate a route table with a gateway if any of the following applies:

  • The route table contains existing routes to CIDR blocks outside of the ranges in your VPC.

Additionally,

  • You cannot add routes to any CIDR blocks outside of the ranges in your VPC, including ranges larger than the individual VPC CIDR blocks.
  • You can only specify local, a Gateway Load Balancer endpoint, or a network interface as a target. You cannot specify any other types of targets, including individual host IP addresses.
  • When you route traffic through a middlebox appliance, the return traffic from the destination subnet must be routed through the same appliance. Asymmetric routing is not supported.

Say:

  • VPC: 10.0.0.0/16
  • Protected Subnet: 10.0.0.0/24 [ NAT GW subnet would be Protected subnet, if you are using NAT]
  • MiddleBox Appliance: eni-xxxxx

Gateway route table routes must be:

  Destination    Target
  10.0.0.0/24    eni-xxxxx


  • Forward : IGW >> Appliance AZ_A >> NAT GW >> EC2
  • Reverse : EC2 >> NAT GW >> Appliance AZ_A >> IGW

Reference:

[1] https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html#gateway-route-table-rules

bijay_k
answered 5 months ago
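The rules in the answer above can be checked before attempting the edge association. The following script is an added example, not code from the thread or from AWS; it validates a candidate gateway route table against a VPC CIDR using the same distinction as the console error in the question. The VPC CIDR and route IDs are constructed samples, and the "vpce-" prefix for Gateway Load Balancer endpoints is an assumption.

```python
import ipaddress

# Constructed sample values, not taken from the thread or the AWS docs.
VPC_CIDRS = ["10.0.0.0/16"]

# A gateway route table accepts only local, a Gateway Load Balancer endpoint or an ENI as target.
# Assumption: GWLB endpoint IDs carry the usual "vpce-" prefix.
ALLOWED_TARGET_PREFIXES = ("local", "vpce-", "eni-")


def check_gateway_route(dest, target, vpc_cidrs=VPC_CIDRS):
    """Return the problems found with one route; an empty list means the route is acceptable."""
    problems = []
    net = ipaddress.ip_network(dest, strict=False)
    vpcs = [ipaddress.ip_network(c) for c in vpc_cidrs]
    vpcs = [v for v in vpcs if v.version == net.version]
    # The destination must equal a VPC CIDR or be more specific than one.
    if not any(net.subnet_of(v) for v in vpcs):
        # Same distinction as the error message quoted in the question.
        if any(net.supernet_of(v) for v in vpcs):
            problems.append(f"{dest}: less specific than the VPC CIDR")
        else:
            problems.append(f"{dest}: non-overlapping with the VPC CIDR")
    if not target.startswith(ALLOWED_TARGET_PREFIXES):
        problems.append(f"{dest}: target {target} is not local, a GWLB endpoint or an ENI")
    return problems


def check_gateway_route_table(routes, vpc_cidrs=VPC_CIDRS):
    """Check every (destination, target) pair; an empty result means the table can be edge-associated."""
    problems = []
    for dest, target in routes:
        problems.extend(check_gateway_route(dest, target, vpc_cidrs))
    return problems


if __name__ == "__main__":
    # The table from the question: a default route to a NAT gateway, which the association rejects.
    print(check_gateway_route_table([("0.0.0.0/0", "nat-xxxxx")]))
    # The table from the answer: protected subnet to the appliance ENI, which is accepted.
    print(check_gateway_route_table([("10.0.0.0/24", "eni-xxxxx")]))
```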

Hello @Himanshu,

If your implementation is like EC2 >> NAT gateway >> Appliance >> IGW, then the route table you associate with the IGW needs a route like:

  Destination           Target IP
  NAT GATEWAY Subnet    Appliance IP
Shmosa
answered 4 months ago
