AWS
Internet User
Cornell network
Cornell Private Network
Cornell Public Network
Private Subnet 10.92.105.0/24
Public Subnet 10.92.104.0/24
Service B
Client 1
private IP: 10.92.105.100
private IP: 10.92.104.200
public EIP: 55.44.33.22
Client 3
55.44.33.22 cannot be directly contacted due to asymmetric routing
10.92.104.200 & 10.92.105.100 cannot be directly contacted without VPN
55.44.33.22 cannot be directly contacted without NAT
Route Table 10.92.105.0/24
Destination        Next Hop
10.92.104.0/23     VPC Local
10.0.0.0/8         VGW
128.84.0.0/16      VGW
132.236.0.0/16     VGW
[..]
10.92.104.0/23
Route Table 10.92.104.0/24
Destination        Next Hop
10.92.104.0/23     VPC Local
10.0.0.0/8         VGW
128.84.0.0/16      VGW
132.236.0.0/16     VGW
[..]
0.0.0.0/0          IGW
Service A
Direct Connect Routing
From AWS           To AWS
10.0.0.0/8         10.92.104.0/23
128.84.0.0/16
132.236.0.0/16
[..]
Internet Gateway (IGW)
Public Internet
Virtual Private Gateway (VGW)
Client 2
campus routing
Direct Connect