EC2 response target IP

0

I want to better understand the response target from EC2 with respect to traffic received from a public ALB. Scenario: the IGW is sending a request to the ALB, and the ALB has a target instance in another VPC. The instance responds to the request, but I want to understand whether it will send the traffic back to the ALB's private IP address or to the IGW, with the user's IP as the target.

IGW >> ALB (public) >> EC2 >> (reverse traffic) ALB >> IGW

Accordingly, I'll create entries in the TGW route table.

Thank you very much for solving my doubt!!

asked 9 months ago, 212 views
2 Answers
0

EC2 will send the response to the load balancer, and then the load balancer will send the response, via the IGW, on to the client which sent the original request.

EXPERT
Steve_M
answered 9 months ago
EXPERT
reviewed 9 months ago
0

Your understanding is correct. ALB will always change the source IP to its own private IP of the ENIs.

To capture the original client IP, you can use the X-Forwarded-For header.

Also, this is the reason for the security best practice: on the target EC2, we only allow traffic from the security group applied to the ALB.

AWS
H_Shah
answered 9 months ago
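
The two points in the answers above (the instance sees the ALB's private IP as the source, and the original client is carried in X-Forwarded-For) combined in an added example that is not part of either answer: the target only trusts the header when the TCP peer is inside the ALB's subnets, and then takes the last entry. The subnet CIDRs and sample requests are constructed, and the code assumes the ALB's default behaviour of appending the client address to any X-Forwarded-For header the client sent.

```python
import ipaddress

# Assumption: CIDRs of the subnets holding the ALB's ENIs (constructed values).
ALB_SUBNETS = [ipaddress.ip_network(c) for c in ("10.0.1.0/24", "10.0.2.0/24")]


def peer_is_alb(peer_ip):
    """True if the TCP peer address falls inside one of the ALB subnets."""
    try:
        addr = ipaddress.ip_address(peer_ip)
    except ValueError:
        return False
    return any(addr in net for net in ALB_SUBNETS)


def client_ip(peer_ip, xff_header):
    """Return the client address as seen by the ALB, or None if untrusted.

    Assumes the ALB's default "append" handling of X-Forwarded-For: the ALB
    adds the address it received the connection from as the LAST entry, so
    anything to the left of it was supplied by the client and is not trusted.
    """
    if not peer_is_alb(peer_ip):
        return None  # request did not arrive from the ALB; ignore the header
    if not xff_header:
        return None
    last = xff_header.split(",")[-1].strip()
    try:
        return str(ipaddress.ip_address(last))
    except ValueError:
        return None  # malformed entry; do not guess


# Constructed sample requests: (TCP peer, X-Forwarded-For header value)
SAMPLES = [
    ("10.0.1.37", "203.0.113.9"),               # normal request via the ALB
    ("10.0.2.14", "127.0.0.1, 198.51.100.23"),  # client sent its own XFF entry
    ("172.16.5.5", "203.0.113.9"),              # peer is not the ALB
    ("10.0.1.37", "not-an-ip"),                 # malformed header
]

if __name__ == "__main__":
    for peer, xff in SAMPLES:
        print(peer, repr(xff), "->", client_ip(peer, xff))
```

The application-level peer check complements, and does not replace, the security group rule on the instance that only admits traffic from the ALB.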
