Multiple VPC Networks (Lab GSP211)


Task 1. Create custom mode VPC networks with firewall rules

  • Created the managementnet network.

  • Created the privatenet network.

  • Created the firewall rules for managementnet.

  • Created the firewall rules for privatenet.

Task 2. Create VM instances

  • Created the managementnet-vm-1 instance.

  • Created the privatenet-vm-1 instance.

Task 3. Explore the connectivity between VM instances

  • Ping the external IP addresses

Note: You are able to ping the external IP address of all VM instances, even though they are in a different zone or VPC network. This confirms that public access to those instances is controlled only by the ICMP firewall rules that you established earlier.

  • Ping the internal IP addresses

Note: You are able to ping the internal IP address of mynet-vm-2 because it is on the same VPC network as the source of the ping (mynet-vm-1), even though the two VM instances are in separate zones, regions and continents!

But,

You are unable to ping the internal IP address of managementnet-vm-1 and privatenet-vm-1 because they are in separate VPC networks from the source of the ping (mynet-vm-1), even though they are all in the same region.

Task 4. Create a VM instance with multiple network interfaces

  • Explore the network interface details

Note: Each network interface has its own internal IP address so that the VM instance can communicate with those networks.

  • Explore the network interface connectivity

Note: You are able to ping privatenet-vm-1 by its name because VPC networks have an internal DNS service that allows you to address instances by their DNS names rather than their internal IP addresses. When an internal DNS query is made with the instance hostname, it resolves to the primary interface (nic0) of the instance. Therefore, this only works for privatenet-vm-1 in this case.

Note: We cannot ping mynet-vm-2 because, in a multiple-interface instance, every interface gets a route for the subnet that it is in. In addition, the instance gets a single default route that is associated with the primary interface eth0. Unless manually configured otherwise, any traffic leaving an instance for any destination other than a directly connected subnet will leave the instance via the default route on eth0.
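
The route selection described in the note above, modelled as an added example (not part of the lab or the original post). The subnet ranges, VM addresses, the eth1/eth2 interface names and the "mynetwork" label are constructed assumptions, and firewall rules are assumed to allow ICMP.

```python
import ipaddress

# Constructed sample values (assumptions, not from the page): subnet ranges,
# VM addresses, and which VPC network each interface is attached to.
INTERFACES = {
    "eth0": ("privatenet", "172.16.0.0/24"),      # primary interface (nic0)
    "eth1": ("managementnet", "10.130.0.0/20"),
    "eth2": ("mynetwork", "10.128.0.0/20"),
}
DESTINATIONS = {
    "privatenet-vm-1": ("privatenet", "172.16.0.2"),
    "managementnet-vm-1": ("managementnet", "10.130.0.2"),
    "mynet-vm-1": ("mynetwork", "10.128.0.2"),
    "mynet-vm-2": ("mynetwork", "10.132.0.2"),    # same VPC, different subnet
}


def build_routes(interfaces, primary="eth0"):
    """One connected route per interface plus a single default route on the primary."""
    routes = [(ipaddress.ip_network(cidr), dev) for dev, (_, cidr) in interfaces.items()]
    routes.append((ipaddress.ip_network("0.0.0.0/0"), primary))
    return routes


def egress_interface(routes, dst_ip):
    """Pick the outgoing interface by longest-prefix match on the destination."""
    addr = ipaddress.ip_address(dst_ip)
    matches = [(net, dev) for net, dev in routes if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def ping_result(name):
    """Return (egress device, reachable?) for a named destination."""
    dst_vpc, dst_ip = DESTINATIONS[name]
    dev = egress_interface(build_routes(INTERFACES), dst_ip)
    # The packet only arrives if it leaves on an interface attached to the
    # destination's VPC network, because VPC networks are isolated from each other.
    return dev, INTERFACES[dev][0] == dst_vpc


if __name__ == "__main__":
    for name in DESTINATIONS:
        dev, ok = ping_result(name)
        print(f"{name:20} via {dev}: {'reachable' if ok else 'unreachable'}")
```
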