Route Tables

Introduction

Route tables control the IP forwarding of all traffic in the subnets with which they are associated. They have the following attributes:

  1. A VPC comes with a single built-in, modifiable, main route table.

  2. You can create additional custom route tables for your VPC.

  3. You cannot delete the main route table, but you can replace the main route table with a custom table that you’ve created. This table becomes the default table with which each new subnet is associated.

  4. Each route in a table specifies a destination CIDR and a target (local/IGW).

  5. Every route table contains a local route for communication within the VPC over IPv4. You cannot modify or delete this route.

See the video introducing the basics of configuring Route Tables:

Creating a Route Table

To create a route table:

  1. Navigate to the Networking > Route Tables view.

  2. From the top toolbar, click Create.

  3. In the Create Route Table dialog, enter the following:

    • Name - name of the route table.

    • Description - optional description of the route table.

    • VPC - VPC which is associated with this route table.

  4. Click OK. A route table is created with a single entry for a local route for communication within the VPC.

Route Table Operations

After creating a route table, it is displayed in the route table list in the Networking > Route Tables view. The following operations can be performed by selecting a route table from the list, and clicking the appropriate icon.

From top toolbar:

  • Modify - change the name of the route table.

  • Set main - set the route table as the main table for a VPC, replacing the previous default table.

  • Delete

  • Test connectivity - use ping or arping to test connectivity to a specific IP covered by routes defined in the route table. For more information on route table testing, see Testing Route Table Connectivity.

  • Soft Reset - rebind all the ports of the route table.

  • Hard Reset - restart the route table.

From lower toolbar:

  • Add route - to add route to table, select Routes tab in lower portion of view and click Create.

  • Assocate subnets - to associate a subnet with the route table, select Subnet Associations tab in lower portion of view and click Associate. Subnet association allows the user to bind an existing subnet to a route table, when the subnet is not explictly listed in the table.

  • Events - to view configuration events (info) or alarms for the route table, select the Events tab in lower portion of view.

Testing Route Table Connectivity

Connectivity between a VPC Route Table and a specific IP address can be tested by ping using either the GUI or CLI.

Using the GUI

  1. Navigate to the Networking > Route Tables view.

  2. Select a Route Table from the displayed list and click Test Connectivity in top toolbar.

  3. In the Test Connectivity window, enter a Destination IP address.

  4. Select ping or arping.

    Note

    Ping checks layer 3 connectivity and is blocked by security-group filtering, if traffic is not allowed from any IP in the subnet. Arping check layer 2 connectivity and bypasses security-group filtering.

  5. Click OK.

  6. Click OK. A message is displayed that the connectivity test is taking place.

  7. A few seconds later, the test results will be displayed indicting success or failure as well as other relevant details. This status report is also available in the right-hand sidebar.

Using the CLI

  1. The ‘guestnet-admin-tool ping-ip create’ command with which you can test a route table’s connectivity requires the ID of the given route table (see ‘entity_id’ below).

    Note: ‘–command-type’ is either ‘ping’ (default) or ‘arping’

    guestnet-admin-tool ping-ip create [-h]
                                   [-f {adaptive_table,json,shell,table,value,yaml}]
                                   [-c COLUMN] [--max-width <integer>]
                                   [--noindent] [--prefix PREFIX]
                                   [-m [NAME=VALUE [NAME=VALUE ...]]]
                                   [--command-type COMMAND_TYPE]
                                   [--name NAME]
                                   entity_id dest_ip

  2. Run the ‘vpc route-table list’ command to locate the ID of Route Table-1.

    vpc route-table list -c id -c name

  3. This returns a list of route tables and their IDs.

    +--------------------------------------+-----------------------------------------------------+
| id                                   | name                                                |
+======================================+=====================================================+
| 2fd55d1e-60b3-4887-b376-204b63ce2fa8 | Route Table-1                                       |
+--------------------------------------+-----------------------------------------------------+

  4. Test the connectivity of Route Table-1 to the destination IP address 8.8.8.8.

    guestnet-admin-tool ping-ip create 2fd55d1e-60b3-4887-b376-204b63ce2fa 8 8.8.8.8

  5. This returns a temporary, pending status of the route table’s connectivity, together with the id of the ping_ip.

    +--------------+--------------------------------------+
| id           | ab1e76df-4531-42db-a455-02a402e70ae5 |
| name         | none                                 |
| status       | pending                              |
| command_type | ping                                 |
| created_at   | 2019-05-12T14:15:11.379402           |
| dest_ip      | 8.8.8.8                              |
| entity_id    | 2fd55d1e-60b3-4887-b376-204b63ce2fa8 |
| output       | -                                    |
| project_id   | 07650a05e9dd47c8a3b874a2132e178c     |
| updated_at   | 2019-05-12T14:15:11.379416           |
| user_id      | admin                                |
+--------------+--------------------------------------+

  6. Wait a few seconds and then request the final status of Route Table-1’s connectivity test by using the ‘guestnet-admin-tool ping-ip get ping_ip_id‘.

    guestnet-admin-tool ping-ip get ab1e76df-4531-42db-a455-02a402e70ae5

  7. This returns the final, succeeded/failed status of Route Table-1’s connectivity test with relevant output details.

    +--------------+------------------------------------------+
| id           | ab1e76df-4531-42db-a455-02a402e70ae5     |
| name         | none                                     |
| status       | failed                                   |
| command_type | ping                                     |
| created_at   | 2019-05-12T14:15:11                      |
| dest_ip      | 8.8.8.8                                  |
| entity_id    | 2fd55d1e-60b3-4887-b376-204b63ce2fa8     |
|              +------------------------------------------+
| output       |  ; error=connect: Network is unreachable |
|              |  ; status=2                              |
|              +------------------------------------------+
| project_id   | 07650a05e9dd47c8a3b874a2132e178c         |
| updated_at   | 2019-05-12T14:15:12                      |
| user_id      | admin                                    |
+--------------+------------------------------------------+

This information is automatically deleted after approximately one hour.

Additional Commands for Route Table (VPC) Connectivity Testing

  1. Delete a specific route table connectivity test

    guestnet-admin-tool ping-ip delete ping_ip_id

  2. List all ping_ip requests

    guestnet-admin-tool ping-ip list