AWS Route tables explained

I had a hard time understanding route tables simply because, networking, eh? Destination? Target? Those could very well mean the same thing in my mind. Then I got to a point where I actually had to work with them in a project, and just like that, I finally understood it and it made sense. So here I'm just gonna tell you the basics.

Alright, so you have your VPC and a route table, maybe like the image below.

[Image: AWS VPC route table with two routes, one to "local" and one to an internet gateway]

The first headers we're gonna look at are Destination and Target. Let's pretend that you're in your car driving from Los Angeles, CA to Las Vegas, NV. How do you get there? That's what the route table tells you. In this case, the destination is Las Vegas. That's WHERE you want to go. The target is HOW you get there. If we look at the map it might be clear. Ignore the first few miles; we go directly to the highway.

As you can see here, we should take highway 15 to get to the destination, which again is Las Vegas. If this was a route table, we would put Las Vegas in the destination, and highway 15 in the target.

The same idea applies to network traffic. A route table routes the traffic leaving the subnets it's associated with, and a subnet that has no explicit association uses the VPC's main route table. So if we look at the first image again we have two routes. The 172.31.0.0/16 route with target local is the standard route AWS creates for the VPC's own CIDR block, and it can't be deleted. It says that any traffic destined for an address inside the VPC stays inside the VPC, whichever subnet that address lives in. So if you have an EC2 instance with IP 172.31.0.10 and want to reach an RDS instance with IP 172.31.1.20, that's possible without any extra route (as long as security groups and network ACLs allow it). The same applies to every other address within the 172.31.0.0/16 range.

The other route, with destination 0.0.0.0/0 and target igw-x, is the default route: it catches all traffic that doesn't match a more specific route. Routes are matched by longest prefix, not by their order in the table, so 172.31.0.0/16 always wins over 0.0.0.0/0 for addresses inside the VPC. In this case, all traffic with a destination outside 172.31.0.0/16 will be sent to igw-x, which is an internet gateway. Yes, that means all of that traffic will go and look for its destination on the internet. This is how you make a public subnet, btw: a subnet whose route table sends 0.0.0.0/0 to an internet gateway (an instance there still needs a public or Elastic IP to actually be reachable from the internet). A subnet whose route table has no route to an IGW is called a private subnet. That doesn't automatically mean no internet access: a private subnet can still reach out through a NAT gateway if its table sends 0.0.0.0/0 to a nat-* target, it just can't be reached from the internet directly. A subnet with only the local route is isolated from the internet in both directions. This is worth checking in the main route table of a default VPC, because every subnet that isn't explicitly associated with another table inherits its 0.0.0.0/0 → igw route and is therefore public.
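To make the lookup concrete, here is a small model of how a route table picks a target for a packet and how you can classify a subnet from its routes. This is an added example, not AWS code and not from the original post: the VPC CIDR 172.31.0.0/16 and the target igw-x are the post's own values, while the NAT gateway id, the peering connection id and the 10.0.0.0/16 peer CIDR are assumptions made up for the example.

```python
# Added example (not AWS code): longest-prefix-match route lookup and a
# public/private/isolated classification of a subnet from its route table.
import ipaddress
from typing import List, Optional, Tuple

Route = Tuple[str, str]  # (destination CIDR, target)

# Constructed route tables. "local" and "igw-x" come from the post;
# the nat-* and pcx-* ids and 10.0.0.0/16 are assumed values.
PUBLIC_SUBNET_ROUTES: List[Route] = [
    ("172.31.0.0/16", "local"),
    ("0.0.0.0/0", "igw-x"),
]

PRIVATE_SUBNET_ROUTES: List[Route] = [
    ("0.0.0.0/0", "nat-0123456789abcdef0"),  # assumed NAT gateway id
    ("10.0.0.0/16", "pcx-0123456789abcdef0"),  # assumed VPC peering route
    ("172.31.0.0/16", "local"),
]

ISOLATED_SUBNET_ROUTES: List[Route] = [
    ("172.31.0.0/16", "local"),
]


def lookup(routes: List[Route], dst_ip: str) -> Optional[str]:
    """Return the target for dst_ip using longest-prefix match.

    Order in the table is irrelevant: the most specific destination that
    contains the address wins. None means no route matched, in which case
    the VPC router drops the packet.
    """
    dst = ipaddress.ip_address(dst_ip)
    best_net = None
    best_target = None
    for cidr, target in routes:
        net = ipaddress.ip_network(cidr, strict=False)
        if dst in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_target = net, target
    return best_target


def default_target(routes: List[Route]) -> Optional[str]:
    """Target of the 0.0.0.0/0 route, or None if the table has no default route."""
    for cidr, target in routes:
        if cidr == "0.0.0.0/0":
            return target
    return None


def classify(routes: List[Route]) -> str:
    """Classify a subnet the way the post does, plus the NAT caveat.

    "public"   : default route to an internet gateway (reachable from the
                 internet if the instance also has a public IP)
    "private"  : default route to a NAT gateway (outbound only)
    "isolated" : no default route at all
    """
    target = default_target(routes)
    if target is None:
        return "isolated"
    if target.startswith("igw-"):
        return "public"
    if target.startswith("nat-"):
        return "private"
    return "other"  # e.g. a transit gateway or a firewall appliance


if __name__ == "__main__":
    for name, table in [("public", PUBLIC_SUBNET_ROUTES),
                        ("private", PRIVATE_SUBNET_ROUTES),
                        ("isolated", ISOLATED_SUBNET_ROUTES)]:
        print(name, classify(table),
              lookup(table, "172.31.5.10"), lookup(table, "10.0.4.7"), lookup(table, "8.8.8.8"))
```

Run it and you'll see that 172.31.5.10 always resolves to local, 10.0.4.7 goes to the peering connection only in the table that has the /16 peering route (the /16 beats the /0 even though it's listed after it), and 8.8.8.8 goes to the IGW, the NAT gateway, or nowhere, depending on which table the subnet uses. The `classify` function is the check to run over every route table in an account when you want to know which subnets are actually exposed.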

The Status column is mostly self-explanatory: Active means the route works, while Blackhole means the target (an IGW, NAT gateway, peering connection, and so on) no longer exists, so traffic matching that route is silently dropped until you fix or remove it. Propagated means the route was added dynamically from a virtual private gateway (learned over BGP from a VPN or Direct Connect connection), so you don't have to manage those routes manually.

I hope that made sense. If not, feel free to drop a comment.
