What is Destination and Target in Route table? I can see Destination and target can be configured to Internet gateway, is there any other use case ?
What is Destination and Target in Route table (AWS VPC)?
Asked Answered
A short answer:
Destination: the packet's final destination
Target: where the packet should go next, to get it one step closer to the intended destination.
e.g.
You are planning a business trip from the US to Paris.
- Destination: Paris
- Target: US airport, fly to Paris.
Best example to void confusion. –
Mowry
Each route has a destination and target field.
- Destination field specifies the pattern that a request must match with its destination address (IP or CIDR range).
- Target field specifies where such a request should be routed. It could be
local(i.e. to targets in this VPC) oryour-internet-gateway-IDin case those requests should be routed to the gateway for external/somewhere-else access. A list of possible target values is here.
Here's an example assuming a VPC with addresses 10.0.0.0/16
| Destination | Target |
|:------------|------------:|
| 10.0.0.0/16 | local |
| 0.0.0.0/0 | your-igw-id |
This will route any request with into-the-VPC destination to local targets in the VPC. If the pattern 10.0.0.0/16 is not met, the any-ipv4-address aka 0.0.0.0/0 will be considered and the request will be routed to the internet gateway you specified with ID your-igw-id.
The order of the routes is irrelevant since the most specific route will be chosen.
does it correspond to outgoing traffic only? I mean if an instance in my VPC subnet tries to access an IP different from 10.0.0.0/16 mask than it will be routed to internat gateway? So if incoming traffic from the internet is coming to Internet Gateway, it will be able to access any instances in my VPC subnets? –
Laggard
Routes and access privileges are two different things. I would use network-level ACLs to control access to the VPC. –
Ales
Thanks Marco, you are right - found similar answer here - acloud.guru/forums/aws-certified-solutions-architect-associate/… –
Laggard
Destination => IP address/CIDR range .
Target => Where you want to send the traffic for the specified destination (e.g. if the destination is my local subnet, mention target as "local")
The Internet gateway is one of the targets (e.g. routing traffic to the internet). Other options for the target would be
- NAT Gateway
- Virtual Private Gateway
- VPC endpoint
- VPC peering connection etc. depending on your architecture
Route table document explains it well.
I feel like there should be a newline between the first word of "range" and the first word of "Target" –
Rizzio
This is easy to comprehend, for any entry in a Route Table there are the following 2 parts:
- Destination - This is an IP Address or a CIDR Range. To plan this out, consider outgoing traffic from any instance inside a VPC. This outgoing traffic will have some destination IP Address, and the route will just handle the request to the target, which is the second part of the entry.
- Target - Target is just the destination the request will be redirected to for getting processed.
Example: Destination: 0.0.0.0 and Target: Internet Gateway - Here all traffic will be passed on to the Internet Gateway
This is how I understand?
destination : Final target or Goal
target : Immediate target to achieve final target(via)
Ex:
destination can be Orthopedic Doctor
target can be MBBS, which a College student can take(via) to reach his final target or destination i.e his/her final goal, Orthopedic specialization.
destination is just destination.
target is next hop, but different from on premises, next hop don't use IP address but identifier
© 2022 - 2024 — McMap. All rights reserved.