Work with route tables

This section explains how to work with route tables.

Determine the route table for a subnet

You can determine which route table a subnet is associated with by looking at the subnet details in the Amazon VPC console.

To determine the route table for a subnet

  1. Open the Amazon VPC console at https://console.amazonaws.cn/vpc/.

  2. In the navigation pane, choose Subnets.

  3. Select the subnet.

  4. Choose the Route table tab to view information about the route table and its routes. To determine whether the association is to the main route table, and if that association is explicit, see Determine which subnets or gateways are explicitly associated.

Determine which subnets or gateways are explicitly associated

You can determine how many and which subnets or gateways are explicitly associated with a route table.

The main route table can have explicit and implicit subnet associations. Custom route tables have only explicit associations.

Subnets that aren't explicitly associated with any route table have an implicit association with the main route table. You can explicitly associate a subnet with the main route table. For an example of why you might do that, see Replace the main route table.

To determine which subnets are explicitly associated using the console

  1. Open the Amazon VPC console at https://console.amazonaws.cn/vpc/.

  2. In the navigation pane, choose Route tables.

  3. Check the Explicit subnet association column to determine the explicitly associated subnets and the Main column to determine whether this is the main route table.

  4. Select the route table and choose the Subnet associations tab.

  5. The subnets under Explicit subnet associations are explicitly associated with the route table. The subnets under Subnets without explicit associations belong to the same VPC as the route table, but are not associated with any route table, so they are implicitly associated with the main route table for the VPC.

To determine which gateways are explicitly associated using the console

  1. Open the Amazon VPC console at https://console.amazonaws.cn/vpc/.

  2. In the navigation pane, choose Route tables.

  3. Select the route table and choose the Edge associations tab.

To describe one or more route tables and view their associations using the command line
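The association rules above, applied to the JSON that `aws ec2 describe-route-tables` returns. This is an added example, not part of the AWS documentation; the IDs, the sample data, and the function names are constructed for illustration. It resolves each subnet to its effective route table and lists subnets that silently inherit a default route to an internet gateway through an implicit association with the main route table.

```python
import json

# Constructed sample in the shape of `aws ec2 describe-route-tables` output;
# all IDs are made up for illustration.
ROUTE_TABLES = json.loads("""[
 {"RouteTableId": "rtb-main", "VpcId": "vpc-a",
  "Associations": [{"Main": true},
                   {"Main": false, "SubnetId": "subnet-pinned"}],
  "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
             {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
 {"RouteTableId": "rtb-custom", "VpcId": "vpc-a",
  "Associations": [{"Main": false, "SubnetId": "subnet-private"},
                   {"Main": false, "GatewayId": "igw-example"}],
  "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]}
]""")
# Constructed subnet -> VPC map (in practice, from `aws ec2 describe-subnets`).
SUBNETS = {"subnet-pinned": "vpc-a", "subnet-private": "vpc-a", "subnet-new": "vpc-a"}

def effective_route_tables(route_tables, subnets):
    """Return {subnet_id: (route_table_id, "explicit" | "implicit")}."""
    main_by_vpc, explicit = {}, {}
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("Main"):
                main_by_vpc[rt["VpcId"]] = rt["RouteTableId"]
            elif "SubnetId" in assoc:          # explicit subnet association
                explicit[assoc["SubnetId"]] = rt["RouteTableId"]
    return {s: (explicit[s], "explicit") if s in explicit
               else (main_by_vpc[vpc], "implicit")
            for s, vpc in subnets.items()}

def edge_associations(route_tables):
    """Return {gateway_id: route_table_id} for gateway (edge) associations."""
    return {a["GatewayId"]: rt["RouteTableId"] for rt in route_tables
            for a in rt.get("Associations", []) if "GatewayId" in a}

def implicit_subnets_with_igw_default(route_tables, subnets):
    """Subnets that inherit a 0.0.0.0/0 -> internet gateway route from the main table."""
    routes = {rt["RouteTableId"]: rt.get("Routes", []) for rt in route_tables}
    return sorted(
        s for s, (rtb, kind) in effective_route_tables(route_tables, subnets).items()
        if kind == "implicit" and any(
            r.get("DestinationCidrBlock") == "0.0.0.0/0"
            and r.get("GatewayId", "").startswith("igw-") for r in routes[rtb]))

if __name__ == "__main__":
    print(effective_route_tables(ROUTE_TABLES, SUBNETS))
    print(edge_associations(ROUTE_TABLES))
    print(implicit_subnets_with_igw_default(ROUTE_TABLES, SUBNETS))
```

A subnet explicitly associated with the main route table, such as `subnet-pinned` here, keeps that table even if a different table is later set as the main route table, so it is reported as explicit and not flagged.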

Create a custom route table

You can create a custom route table for your VPC using the Amazon VPC console.

To create a custom route table using the console

  1. Open the Amazon VPC console at https://console.amazonaws.cn/vpc/.

  2. In the navigation pane, choose Route tables.

  3. Choose Create route table.

  4. (Optional) For Name tag, enter a name for your route table.

  5. For VPC, choose your VPC.

  6. (Optional) Add or remove a tag.

    [Add a tag] Choose Add tag and do the following:

    • For Key, enter the key name.

    • For Value, enter the key value.

    [Remove a tag] Choose the Delete button ("X") to the right of the tag’s Key and Value.

  7. Choose Create.

To create a custom route table using the command line

Add and remove routes from a route table

You can add, delete, and modify routes in your route tables. You can only modify routes that you've added.

For more information about working with static routes for a Site-to-Site VPN connection, see Editing Static Routes for a Site-to-Site VPN Connection in the Amazon Site-to-Site VPN User Guide.

To modify or add a route to a route table using the console

  1. Open the Amazon VPC console at https://console.amazonaws.cn/vpc/.

  2. In the navigation pane, choose Route tables, and select the route table.

  3. Choose Actions, Edit routes.

  4. To add a route, choose Add route. For Destination enter the destination CIDR block, a single IP address, or the ID of a prefix list.

  5. To modify an existing route, for Destination, replace the destination CIDR block or single IP address. For Target, choose a target.

  6. Choose Save routes.

To add a route to a route table using the command line

Note

If you add a route using a command line tool or the API, the destination CIDR block is automatically modified to its canonical form. For example, if you specify 100.68.0.18/18 for the CIDR block, we create a route with a destination CIDR block of 100.68.0.0/18.
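Because of this canonicalization, a check that compares intended routes with the routes the API reports has to normalize both sides first, or a route entered as 100.68.0.18/18 looks permanently missing. The following drift check is an added example, not part of the AWS documentation; the IDs, sample routes, and function names are constructed, and only CIDR destinations are handled.

```python
import ipaddress

# Target fields a route can carry in describe-route-tables output (subset).
TARGET_KEYS = ("GatewayId", "NatGatewayId", "NetworkInterfaceId",
               "TransitGatewayId", "VpcPeeringConnectionId")

def canonical(cidr):
    """Clear the host bits, as the API does: 100.68.0.18/18 -> 100.68.0.0/18."""
    return str(ipaddress.ip_network(cidr, strict=False))

def route_drift(intended, actual_routes):
    """Diff intended {cidr: target} against a route table's Routes list.

    Returns (missing, wrong_target, unexpected), all keyed by canonical CIDR.
    """
    want = {canonical(c): t for c, t in intended.items()}
    have = {}
    for route in actual_routes:
        cidr = route.get("DestinationCidrBlock") or route.get("DestinationIpv6CidrBlock")
        if cidr:  # prefix-list destinations are skipped in this example
            have[canonical(cidr)] = next(
                (route[k] for k in TARGET_KEYS if k in route), None)
    missing = sorted(set(want) - set(have))
    wrong = {c: (want[c], have[c]) for c in want if c in have and want[c] != have[c]}
    unexpected = {c: t for c, t in have.items() if c not in want}
    return missing, wrong, unexpected

# Constructed inputs: the intended routes as someone typed them into a
# template, and the Routes list as the API reports it back.
INTENDED = {"10.0.0.0/16": "local",
            "100.68.0.18/18": "nat-example",
            "198.51.100.0/24": "eni-inspect"}
ACTUAL = [
    {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
    {"DestinationCidrBlock": "100.68.0.0/18", "NatGatewayId": "nat-example"},
    {"DestinationCidrBlock": "198.51.100.0/24", "NetworkInterfaceId": "eni-other"},
    {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"},
]

if __name__ == "__main__":
    print(route_drift(INTENDED, ACTUAL))
```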

To replace an existing route in a route table using the command line

To delete a route from a route table using the console

  1. Open the Amazon VPC console at https://console.amazonaws.cn/vpc/.

  2. In the navigation pane, choose Route tables, and select the route table.

  3. Choose Actions, Edit routes.

  4. Choose the delete button (x) to the right of the route that you want to delete.

  5. Choose Save routes when you are done.

To delete a route from a route table using the command line

Enable or disable route propagation

Route propagation allows a virtual private gateway to automatically propagate routes to the route tables. This means that you don't need to manually enter VPN routes to your route tables. You can enable or disable route propagation.

To complete this process, you must have a virtual private gateway.

For more information about VPN routing options, see Site-to-Site VPN routing options in the Site-to-Site VPN User Guide.

To enable route propagation using the console

  1. Open the Amazon VPC console at https://console.amazonaws.cn/vpc/.

  2. In the navigation pane, choose Route tables, and then select the route table.

  3. Choose Actions, Edit route propagation.

  4. Select the Enable check box next to the virtual private gateway, and then choose Save.

To enable route propagation using the command line

To disable route propagation using the console

  1. Open the Amazon VPC console at https://console.amazonaws.cn/vpc/.

  2. In the navigation pane, choose Route tables, and then select the route table.

  3. Choose Actions, Edit route propagation.

  4. Clear the Propagate check box, and then choose Save.

To disable route propagation using the command line

Associate a subnet with a route table

To apply route table routes to a particular subnet, you must associate the route table with the subnet. A route table can be associated with multiple subnets. However, a subnet can only be associated with one route table at a time. Any subnet not explicitly associated with a table is implicitly associated with the main route table by default.

To associate a route table with a subnet using the console

  1. Open the Amazon VPC console at https://console.amazonaws.cn/vpc/.

  2. In the navigation pane, choose Route tables, and then select the route table.

  3. On the Subnet associations tab, choose Edit subnet associations.

  4. Select the check box for the subnet to associate with the route table, and then choose Save associations.

To associate a subnet with a route table using the command line

Change the route table for a subnet

You can change the route table association for a subnet.

When you change the route table, your existing connections in the subnet are dropped unless the new route table contains a route for the same traffic to the same target.

To change a subnet route table association using the console

  1. Open the Amazon VPC console at https://console.amazonaws.cn/vpc/.

  2. In the navigation pane, choose Subnets, and then select the subnet.

  3. In the Route Table tab, choose Edit route table association.

  4. From the Route Table ID list, select the new route table with which to associate the subnet, and then choose Save.

To change the route table associated with a subnet using the command line

Disassociate a subnet from a route table

You can disassociate a subnet from a route table. Until you associate the subnet with another route table, it's implicitly associated with the main route table.

To disassociate a subnet from a route table using the console

  1. Open the Amazon VPC console at https://console.amazonaws.cn/vpc/.

  2. In the navigation pane, choose Route tables, and then select the route table.

  3. In the Subnet associations tab, choose Edit subnet associations.

  4. Clear the check box for the subnet, and then choose Save associations.

To disassociate a subnet from a route table using the command line

Replace the main route table

You can change which route table is the main route table in your VPC.

To replace the main route table using the console

  1. Open the Amazon VPC console at https://console.amazonaws.cn/vpc/.

  2. In the navigation pane, choose Route tables.

  3. Select the subnet route table that should be the new main route table, and then choose Actions, Set main route table.

  4. In the confirmation dialog box, choose Ok.

To replace the main route table using the command line

The following procedure describes how to remove an explicit association between a subnet and the main route table. The result is an implicit association between the subnet and the main route table. The process is the same as disassociating any subnet from any route table.

To remove an explicit association with the main route table

  1. Open the Amazon VPC console at https://console.amazonaws.cn/vpc/.

  2. In the navigation pane, choose Route tables, and then select the route table.

  3. In the Subnet associations tab, choose Edit subnet associations.

  4. Choose the subnet, and then choose Save.

Associate a gateway with a route table

You can associate an internet gateway or a virtual private gateway with a route table. For more information, see Gateway route tables.

To associate a gateway with a route table using the console

  1. Open the Amazon VPC console at https://console.amazonaws.cn/vpc/.

  2. In the navigation pane, choose Route tables, and then select the route table.

  3. Choose Actions, Edit edge associations.

  4. Choose the gateway, and then choose Save.

To associate a gateway with a route table using the Amazon CLI

Use the associate-route-table command. The following example associates internet gateway igw-11aa22bb33cc44dd1 with route table rtb-01234567890123456.

aws ec2 associate-route-table --route-table-id rtb-01234567890123456 --gateway-id igw-11aa22bb33cc44dd1

Disassociate a gateway from a route table

You can disassociate an internet gateway or a virtual private gateway from a route table.

To disassociate a gateway from a route table using the console

  1. Open the Amazon VPC console at https://console.amazonaws.cn/vpc/.

  2. In the navigation pane, choose Route tables, and then select the route table.

  3. Choose Actions, Edit edge associations.

  4. Choose the gateway you want to disassociate.

  5. Choose Save.

To disassociate a gateway from a route table using the command line

Replace or restore the target for a local route

You can change the target of the default local route. If you replace the target of a local route, you can later restore it to the default local target. If your VPC has multiple CIDR blocks, your route tables have multiple local routes—one per CIDR block. You can replace or restore the target of each of the local routes as needed.

To replace the target for a local route using the console

  1. Open the Amazon VPC console at https://console.amazonaws.cn/vpc/.

  2. In the navigation pane, choose Route tables, and then select the route table.

  3. Choose Actions, Edit routes.

  4. For Target, choose a target.

  5. Choose Save routes.

To restore the target for a local route using the console

  1. Open the Amazon VPC console at https://console.amazonaws.cn/vpc/.

  2. In the navigation pane, choose Route tables, and then select the route table.

  3. Choose Actions, Edit routes.

  4. For Target, choose local.

  5. Choose Save routes.

To replace the target for a local route using the Amazon CLI

Use the replace-route command. The following example replaces the target of the local route with eni-11223344556677889.

aws ec2 replace-route --route-table-id rtb-01234567890123456 --destination-cidr-block 10.0.0.0/16 --network-interface-id eni-11223344556677889

To restore the target for a local route using the Amazon CLI

The following example restores the local target for route table rtb-01234567890123456.

aws ec2 replace-route --route-table-id rtb-01234567890123456 --destination-cidr-block 10.0.0.0/16 --local-target
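A replaced local target redirects traffic between subnets of the VPC, so it is worth checking that every such replacement points at an expected appliance. The following audit is an added example, not part of the AWS documentation; the IDs, sample data, function name, and the allow-list of approved targets are constructed. It takes the `RouteTables` list from `aws ec2 describe-route-tables` plus the CIDR blocks of each VPC, and emits the restore command in the form shown above.

```python
def replaced_local_routes(route_tables, vpc_cidrs, approved_targets=frozenset()):
    """Find local routes whose target is no longer "local".

    route_tables: "RouteTables" list from describe-route-tables.
    vpc_cidrs: {vpc_id: [cidr, ...]}, one local route expected per CIDR block.
    approved_targets: hypothetical allow-list of inspection-appliance targets.
    """
    findings = []
    for rt in route_tables:
        for cidr in vpc_cidrs.get(rt["VpcId"], []):
            for route in rt.get("Routes", []):
                if route.get("DestinationCidrBlock") != cidr:
                    continue
                if route.get("GatewayId") == "local":
                    continue  # default local target, nothing to report
                target = (route.get("NetworkInterfaceId")
                          or route.get("NatGatewayId") or route.get("GatewayId"))
                findings.append({
                    "route_table": rt["RouteTableId"],
                    "cidr": cidr,
                    "target": target,
                    "approved": target in approved_targets,
                    # Same command form the page gives for restoring the target.
                    "restore": ("aws ec2 replace-route"
                                f" --route-table-id {rt['RouteTableId']}"
                                f" --destination-cidr-block {cidr} --local-target"),
                })
    return findings

# Constructed sample: a VPC with two CIDR blocks, so two local routes per table.
VPC_CIDRS = {"vpc-a": ["10.0.0.0/16", "10.1.0.0/16"]}
TABLES = [
    {"RouteTableId": "rtb-app", "VpcId": "vpc-a", "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "NetworkInterfaceId": "eni-unknown"},
        {"DestinationCidrBlock": "10.1.0.0/16", "GatewayId": "local"}]},
    {"RouteTableId": "rtb-edge", "VpcId": "vpc-a", "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "NetworkInterfaceId": "eni-firewall"},
        {"DestinationCidrBlock": "10.1.0.0/16", "GatewayId": "local"}]},
]

if __name__ == "__main__":
    for finding in replaced_local_routes(TABLES, VPC_CIDRS, {"eni-firewall"}):
        print(finding)
```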

Delete a route table

You can delete a route table only if there are no subnets associated with it. You can't delete the main route table.

To delete a route table using the console

  1. Open the Amazon VPC console at https://console.amazonaws.cn/vpc/.

  2. In the navigation pane, choose Route tables.

  3. Select the route table, and then choose Actions, Delete Route Table.

  4. In the confirmation dialog box, choose Delete Route Table.

To delete a route table using the command line