Egress-only Internet Gateway (EIGW)

An Egress-only Internet Gateway (EIGW) is a highly available AWS resource that allows IPv6 traffic from the VPC to reach the internet. It also prevents any traffic initiated from the internet from reaching the IPv6 instances.

  • Unlike a NAT instance or a NAT Gateway, the EIGW does not perform any address translation as IPv6 addresses are public and global in scope.
  • The route table of the private subnet should contain an IPv6 route whose target is the EIGW.
  • An EIGW is stateful, meaning it forwards IPv6 traffic from the subnet to the internet and then sends the response back to these instances.
  • You can’t associate a security group with an EIGW. Instead, you can use security groups for the instances in the private subnet to control the traffic to and from those instances.
  • You can use a network ACL to control the traffic to and from the subnet for which the EIGW routes the traffic.
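
The route table point above can be checked mechanically. The following is an added example, not code from the original page: it reads output shaped like `aws ec2 describe-route-tables` and reports private subnets whose IPv6 default route does not go through an active EIGW. It assumes the IPv6 default route is `::/0` and that subnets are explicitly associated with a route table; all IDs and the sample data are constructed.

```python
import json

# Constructed sample shaped like `aws ec2 describe-route-tables` output;
# every ID below is made up for illustration.
SAMPLE = json.loads("""
{"RouteTables": [
  {"RouteTableId": "rtb-example-a",
   "Associations": [{"SubnetId": "subnet-example-app"}],
   "Routes": [{"DestinationIpv6CidrBlock": "::/0", "State": "active",
               "EgressOnlyInternetGatewayId": "eigw-example"}]},
  {"RouteTableId": "rtb-example-b",
   "Associations": [{"SubnetId": "subnet-example-db"}],
   "Routes": [{"DestinationIpv6CidrBlock": "::/0", "State": "active",
               "GatewayId": "igw-example"}]},
  {"RouteTableId": "rtb-example-c",
   "Associations": [{"SubnetId": "subnet-example-batch"}],
   "Routes": [{"DestinationIpv6CidrBlock": "::/0", "State": "blackhole",
               "EgressOnlyInternetGatewayId": "eigw-deleted"}]}
]}
""")


def ipv6_default_target(route_table):
    """Classify where a route table sends IPv6 default (::/0) traffic."""
    for route in route_table.get("Routes", []):
        if route.get("DestinationIpv6CidrBlock") != "::/0":
            continue
        if route.get("State") == "blackhole":
            return "blackhole"          # target was deleted; no IPv6 egress
        if route.get("EgressOnlyInternetGatewayId"):
            return "egress-only"        # outbound-initiated IPv6 only
        if str(route.get("GatewayId", "")).startswith("igw-"):
            return "internet-gateway"   # inbound IPv6 connections can be routed
        return "other"
    return "none"


def audit_private_subnets(described, private_subnets):
    """Return {subnet: target} for private subnets not on an active EIGW route.
    Only explicit route table associations are considered (assumption)."""
    findings = {}
    for rt in described["RouteTables"]:
        target = ipv6_default_target(rt)
        for assoc in rt.get("Associations", []):
            subnet = assoc.get("SubnetId")
            if subnet in private_subnets and target != "egress-only":
                findings[subnet] = target
    return findings
```

A subnet reported as `internet-gateway` accepts connections initiated from the internet over IPv6, so only its security groups and network ACL stand between those instances and inbound traffic.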

 
