I am trying to understand what is the difference between NAT EC2 instance and a regular EC2 instance. I created two EC2 instances a) NAT Instance from community AMIs and disabled the source/dest check b) Created a regular EC2 instance t2.micro and disabled the source/dest check. When i use option b in my main route table it doesn't provide the internet connectivity to my ec2 instance in private subnet. Note: I can SSH the regular EC2 instnace mentioned in option b and also access the index.html file through internet.
Can somebody pls explain what makes a regular EC2 instance a NAT Instance?
This User Data script is traditionally used to configure an Amazon EC2 instance as a NAT server:
#!/bin/sh
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 0 > /proc/sys/net/ipv4/conf/eth0/send_redirects
/sbin/iptables -t nat -A POSTROUTING -o eth0 -s 0.0.0.0/0 -j MASQUERADE
/sbin/iptables-save > /etc/sysconfig/iptables
mkdir -p /etc/sysctl.d/
cat <<EOF > /etc/sysctl.d/nat.conf
net.ipv4.ip_forward = 1
net.ipv4.conf.eth0.send_redirects = 0
EOF
These days, it is recommended to use a fully-managed NAT Gateway instead of a NAT instance. (For dev/test it might be cheaper to use a NAT instance, but the NAT Gateway is better for a production environment.)