AWS

Internet User

Cornell network

Cornell Private Network

Cornell Public Network

Private Subnet

10.92.105.0/24

Public Subnet

10.92.104.0/24

Service B

Client 1

 

private IP: 10.92.105.100

private IP: 10.92.104.200

public EIP: 55.44.33.22

Client 3

 

10.92.104.200 cannot be directly contacted without VPN

10.92.104.200 & 10.92.105.100 cannot be directly contacted without VPN

55.44.33.22 cannot be directly contacted without NAT

Route Table 10.92.105.0/24

Destination        Next Hop
10.92.104.0/23     VPC Local
10.0.0.0/8         VGW
128.84.0.0/16      VGW
132.236.0.0/16     VGW
[..]

 

10.92.104.0/23

Route Table 10.92.104.0/24

Destination        Next Hop
10.92.104.0/23     VPC Local
10.0.0.0/8         VGW
0.0.0.0/0          IGW

 

Service A

Direct Connect Routing

From AWS           To AWS
10.0.0.0/8         10.92.104.0/23
128.84.0.0/16
132.236.0.0/16
[..]

Internet Gateway (IGW)

Public Internet

 

campus routing

Client 2

 

Virtual Private Gateway (VGW)

Direct Connect