THIS PAGE IS A DRAFT, NOT A REAL COURSE PAGE

The current schedule for OPS345 is here: OPS335_Weekly_Schedule

AWS Networking

• VPCs, subnets
• Default dynamic public IP
• Default static private network/IP
• Reserving a static public IP under "Elastic IPs", cost of doing that
• VPC dashboard:
  • https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html
  • New VPC vpc-ops345 with CIDR block 10.3.45.0/24, no IPv6
  • Subnets: create a new one in vpc-ops345 named subnet-ops345, in us-east-1a, 10.3.45.0/24 (to fit inside the VPC)
  • Edit subnet, enable auto-assign public IPv4 addresses
  • Internet Gateway: Create ops345-internet-gateway, attach to vpc-ops345
  • Create new Route table ops345-route-table, add route for 0.0.0.0/0 through ops345-internet-gateway. Then add explicit subnet association to subnet-ops345
• Create a new security group "ops345sg" in vpc-ops345 with only the SSH port open.
• Create a new VM named "router", in the new vpc/subnet.
  • Follow the instructions in lab 1, except use the subnet-ops345 and ops345sg. Also create a new key called ops345-allmachines-key
  • Note that "Auto-assign Public IP" is enabled by default, but don't change it.
  • Wait till it starts, then go to "Elastic IPs" and associate elastic IP with router

Firewalls

• The purpose of a firewall on a server on the internet
• AWS Security Groups and iptables

IPtables setup

• Install iptables-services, then enable and start the service (same as you did in OPS245).
• iptables rules and troubleshooting
• iptables fundamentals
• Securing services that need to be publicly accessible

Port forwarding SSH

• Port forwarding SSH