👈

🛣️ Route Tables – Complete Explanation

🛣️ Route Tables – Complete Explanation

1️⃣ What is a Route Table?

A Route Table is a set of rules that tells a network:

Where to send traffic next.

In simple words:

A route table decides the path (route) that network packets should take.

2️⃣ Why Route Tables Are Needed

When a packet reaches a router or subnet, the system must answer:

“Where should this packet go?”

Without route tables:

Packets would be lost
Networks wouldn’t know how to communicate

3️⃣ Basic Route Table Concepts

A route table contains multiple routes.

Each route has:

Field	Meaning
Destination	IP range (CIDR)
Target	Where to send traffic

4️⃣ How Route Tables Work (Simple Logic)

Packet arrives
Destination IP is checked
Route table is scanned
Most specific route (longest prefix) is chosen
Packet is forwarded to target

5️⃣ Example of a Simple Route Table

Destination	Target
10.0.0.0/16	local
0.0.0.0/0	Internet Gateway

What this means:

Traffic within 10.0.0.0/16 stays inside VPC
All other traffic goes to the internet

6️⃣ Default Route (`0.0.0.0/0`)

0.0.0.0/0 means:

Any destination not matched by other routes

This is called the default route.

7️⃣ Longest Prefix Match (Very Important)

If multiple routes match:

The route with more specific CIDR wins

Example:

10.0.1.0/24 → local
10.0.0.0/16 → IGW

Traffic to 10.0.1.5 uses /24, not /16.

8️⃣ Route Tables in AWS (VPC Context)

In AWS:

Every VPC has route tables
Route tables are associated with subnets
One route table per subnet

9️⃣ Default Route Table in AWS

When you create a VPC:

AWS creates a main route table
All subnets use it unless changed

Default route:

VPC CIDR → local

🔟 Common Route Table Targets in AWS

Target	Purpose
local	VPC internal traffic
Internet Gateway (IGW)	Internet access
NAT Gateway	Outbound internet from private subnet
VPC Peering	Connect two VPCs
Transit Gateway	Hub routing
Virtual Private Gateway	VPN

1️⃣1️⃣ Public Subnet Route Table

Route Table:

Destination	Target
10.0.0.0/16	local
0.0.0.0/0	IGW

Result:

EC2 gets public internet access (if public IP exists)

1️⃣2️⃣ Private Subnet Route Table

Route Table:

Destination	Target
10.0.0.0/16	local
0.0.0.0/0	NAT Gateway

Result:

Outbound internet allowed
No inbound internet access

1️⃣3️⃣ Route Table Association

Each subnet:
- Must be associated with one route table
Route table:
- Can be associated with multiple subnets

1️⃣4️⃣ What Route Tables Do NOT Do

❌ They do NOT allow or block traffic ❌ They do NOT act as firewalls

👉 That’s the job of:

Security Groups
NACLs

1️⃣5️⃣ Route Tables vs Firewalls

Feature	Route Table	Firewall
Purpose	Path selection	Traffic filtering
Blocks traffic	❌ No	✅ Yes
Chooses destination	✅ Yes	❌ No

1️⃣6️⃣ Real AWS Traffic Flow Example

Private EC2 → Internet

EC2 sends packet
Route table sees 0.0.0.0/0
Sends traffic to NAT Gateway
NAT sends to IGW
Internet receives traffic

1️⃣7️⃣ Common AWS Exam Traps

❗ EC2 has public IP but no internet?

Check route table

❗ Private EC2 reachable from internet?

Impossible without IGW + public subnet

❗ VPC peering not working?

Missing route entry

1️⃣8️⃣ Route Table for VPC Peering

Example:

VPC A CIDR → Peering Connection

Both VPCs must have:

Correct route entries

1️⃣9️⃣ Route Propagation

Some gateways (VPN, TGW) can:

Automatically add routes
Using route propagation

2️⃣0️⃣ One-Line Exam Definition

A route table contains rules that determine where network traffic is directed within and outside a VPC.

2️⃣1️⃣ Simple Analogy

Route Table = Google Maps Firewall = Police Checkpoint

2️⃣2️⃣ Final Summary

Route tables decide traffic paths
They work on destination IP
Public vs Private subnets depend on route tables
They don’t provide security filtering
Essential for AWS networking