Let's Talk AWS
Static vs Dynamic Routes on AWS & Route Prioritisation
Let's talk about Static and Dynamic Routes on AWS then discuss how AWS prioritises these routes.
By George Turner
Mon Oct 07 2024 · less than 3 min read
In this article we'll cover the difference between static and dynamic routes, how AWS prioritises them when more than one matches, and, to finish off, how to create a static route and enable route propagation so you're ready to implement both within your own infrastructure.
What is a static route?
Static routes are explicitly defined by you. Each one has a destination, a CIDR range that AWS matches against the destination IP of outgoing traffic to decide whether the route applies, and a target, which is where matching traffic is actually sent. The destination can be any IPv4 or IPv6 CIDR range and the target can be any of the following:
- Carrier Gateway
- Core Network
- Egress Only Internet Gateway
- Gateway Load Balancer Endpoint
- Instance (An EC2 Instance)
- Internet Gateway (Used to access the internet, so usually we would define a route with the destination of 0.0.0.0/0 and target of the Internet Gateway)
- Local (The route AWS adds for the VPC's own CIDR; traffic to an IP inside the attached VPC stays within the VPC)
- NAT Gateway (Commonly used to allow resources that only have a private IP to reach the internet for outbound connections)
- Network Interface
- Outpost Local Gateway
- Peering Connection
- Transit Gateway
- Virtual Private Gateway
How do you create a static route?
Creating a static route is really simple, although it can be slightly confusing the first time because VPC resources are still managed under the ec2 command group of the AWS CLI. Here's an example of creating a route via the AWS CLI;
This will create a catch-all route (destination 0.0.0.0/0) with the Internet Gateway as its target, so any traffic not matched by a more specific route is sent to the internet.
What is a dynamic route?
Dynamic routes are created through route propagation: a Virtual Private Gateway learns routes over BGP (Border Gateway Protocol) and AWS adds them to every route table you have enabled propagation on. Route propagation is supported by a handful of AWS services, including Direct Connect (the service for connecting your on-premises datacenter to AWS) and AWS Site-to-Site VPN, and it automates route configuration when using these services: when your on-premises side advertises a new prefix, the route appears in your route table without you editing it.
How do you enable route propagation?
Here is the subcommand, again under the ec2 command group of the AWS CLI, that enables route propagation from a Virtual Private Gateway into a route table;
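Both commands above take a route table ID and a gateway ID that only exist in your own account, so an easy way to get the arguments wrong is to mix up which flag a given target type needs. The following example, added here and not part of the original article or any AWS tooling, builds the argv for aws ec2 create-route and aws ec2 enable-vgw-route-propagation for each target type listed earlier, validates the CIDR and the ID prefixes before anything is sent to AWS, and can optionally run the command. All rtb-/igw-/vgw- IDs in it are placeholders.

```python
"""Build, validate and optionally run the two AWS CLI commands from this
article. Example code added to the article, not AWS's own; every rtb-/igw-/
vgw- ID used here is a placeholder and must be replaced with your own."""
import ipaddress
import subprocess

# `aws ec2 create-route` flag and expected ID prefix for each target type.
TARGET_FLAGS = {
    "carrier-gateway": ("--carrier-gateway-id", "cagw-"),
    "core-network": ("--core-network-arn", "arn:"),
    "egress-only-internet-gateway": ("--egress-only-internet-gateway-id", "eigw-"),
    "gateway-load-balancer-endpoint": ("--vpc-endpoint-id", "vpce-"),
    "instance": ("--instance-id", "i-"),
    "internet-gateway": ("--gateway-id", "igw-"),
    "nat-gateway": ("--nat-gateway-id", "nat-"),
    "network-interface": ("--network-interface-id", "eni-"),
    "outpost-local-gateway": ("--local-gateway-id", "lgw-"),
    "peering-connection": ("--vpc-peering-connection-id", "pcx-"),
    "transit-gateway": ("--transit-gateway-id", "tgw-"),
    "virtual-private-gateway": ("--gateway-id", "vgw-"),
}


def _check_id(value, prefix, what):
    if not value.startswith(prefix):
        raise ValueError(f"{what} {value!r} should start with {prefix!r}")


def create_route_cmd(route_table_id, destination, target_kind, target_id, dry_run=False):
    """argv for `aws ec2 create-route`; raises ValueError on a bad CIDR or ID."""
    _check_id(route_table_id, "rtb-", "route table")
    flag, prefix = TARGET_FLAGS[target_kind]
    _check_id(target_id, prefix, target_kind)
    # strict=True rejects a CIDR with host bits set (10.0.0.1/24), so a typo in
    # the intended range fails here instead of being silently normalised.
    net = ipaddress.ip_network(destination, strict=True)
    dest_flag = "--destination-cidr-block" if net.version == 4 else "--destination-ipv6-cidr-block"
    cmd = ["aws", "ec2", "create-route", "--route-table-id", route_table_id,
           dest_flag, str(net), flag, target_id]
    if dry_run:
        cmd.append("--dry-run")  # ask the API to check permissions only
    return cmd


def enable_propagation_cmd(route_table_id, vgw_id, dry_run=False):
    """argv for `aws ec2 enable-vgw-route-propagation`."""
    _check_id(route_table_id, "rtb-", "route table")
    _check_id(vgw_id, "vgw-", "virtual private gateway")
    cmd = ["aws", "ec2", "enable-vgw-route-propagation",
           "--route-table-id", route_table_id, "--gateway-id", vgw_id]
    if dry_run:
        cmd.append("--dry-run")
    return cmd


def run(cmd):
    """Execute a built command with the AWS CLI (needs credentials; not run here)."""
    return subprocess.run(cmd, check=True, capture_output=True, text=True).stdout


if __name__ == "__main__":
    # Placeholder IDs: the catch-all route to an IGW from the article, plus
    # propagation from a VGW into the same route table.
    RTB = "rtb-0123456789abcdef0"
    print(" ".join(create_route_cmd(RTB, "0.0.0.0/0", "internet-gateway", "igw-0123456789abcdef0")))
    print(" ".join(enable_propagation_cmd(RTB, "vgw-0123456789abcdef0")))
```

Two things worth knowing before you run either command for real: a 0.0.0.0/0 route to an Internet Gateway is what makes a subnet "public", so attach that route table only to subnets that are meant to be reachable from the internet; and with --dry-run the CLI reports a successful permission check as a DryRunOperation error, so run() will raise even though nothing went wrong.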
How are routes prioritised?
The process for determining which route applies to a given packet is commonly called prioritisation. AWS first picks the route with the longest matching prefix; only when two routes have exactly the same destination does the route's origin decide between them. Here is the order AWS uses;
- Longest prefix (the most specific CIDR range wins: for example a route for 10.0.0.250/32 has priority over one for 10.0.0.0/24, regardless of whether either route is static or propagated)
- Static routes (such as those targeting Peering Connections and Internet Gateways)
- Prefix list routes (we'll cover prefix lists in another article, but simply put they are a pre-determined list of CIDR ranges)
- Propagated routes, in this order:
  - Routes propagated through Direct Connect (via BGP)
  - VPN static routes
  - VPN routes propagated via BGP
One practical consequence of static routes beating propagated ones: a static route whose destination exactly matches a prefix your on-premises side advertises over BGP will silently win, so a forgotten static route is a common reason a propagated route appears not to work.
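The order above is easier to reason about when you can run it against a route table. The example below, added for this article and not AWS code, simulates route selection over a constructed route table with placeholder targets: it applies longest prefix first and the origin order listed above as the tie-break, shows every candidate route in ranked order, and flags propagated routes that are shadowed by a static route with the same destination.

```python
"""Simulate how a VPC route table chooses a route: longest matching prefix
first, then the origin order from the article. Added example for this article,
not AWS code; ROUTES is a constructed route table with placeholder targets."""
import ipaddress
from dataclasses import dataclass

# Tie-break order for routes with an identical destination; lowest wins.
ORIGIN_RANK = {
    "local": 0,               # the route AWS installs for the VPC CIDR
    "static": 0,
    "prefix-list": 1,
    "direct-connect-bgp": 2,
    "vpn-static": 3,
    "vpn-bgp": 4,
}


@dataclass(frozen=True)
class Route:
    destination: str          # CIDR, e.g. "10.1.0.0/16"
    target: str               # placeholder target ID
    origin: str = "static"

    @property
    def network(self):
        return ipaddress.ip_network(self.destination, strict=True)


def rank_matches(routes, dst_ip):
    """Every route whose destination covers dst_ip, best first."""
    ip = ipaddress.ip_address(dst_ip)
    matches = [r for r in routes if r.network.version == ip.version and ip in r.network]
    # Longest prefix wins outright; origin only matters for equal prefixes.
    return sorted(matches, key=lambda r: (-r.network.prefixlen, ORIGIN_RANK[r.origin]))


def select_route(routes, dst_ip):
    """The route AWS would use for dst_ip, or None if nothing matches."""
    ranked = rank_matches(routes, dst_ip)
    return ranked[0] if ranked else None


def shadowed_routes(routes):
    """Propagated routes that can never win because a static route with the
    exact same destination exists in the table."""
    static = {str(r.network) for r in routes if ORIGIN_RANK[r.origin] == 0}
    return [r for r in routes if ORIGIN_RANK[r.origin] > 0 and str(r.network) in static]


# Constructed route table; all targets are placeholders, not real resources.
ROUTES = [
    Route("10.0.0.0/16", "local", "local"),
    Route("0.0.0.0/0", "igw-0example", "static"),
    Route("10.1.0.0/16", "pcx-0example", "static"),
    Route("10.1.0.0/16", "vgw-0vpnexample", "vpn-bgp"),          # same CIDR over VPN: shadowed
    Route("10.1.5.0/24", "tgw-0example", "static"),              # more specific than the /16
    Route("192.168.0.0/16", "vgw-0dxexample", "direct-connect-bgp"),
    Route("192.168.0.0/16", "vgw-0vpnexample", "vpn-static"),    # same CIDR; Direct Connect wins
]

if __name__ == "__main__":
    for ip in ("10.0.4.9", "8.8.8.8", "10.1.0.5", "10.1.5.7", "192.168.1.1"):
        chosen = select_route(ROUTES, ip)
        print(f"{ip:>14} -> {chosen.destination} via {chosen.target} ({chosen.origin})")
    for r in shadowed_routes(ROUTES):
        print(f"shadowed: {r.destination} ({r.origin}) never used, static route exists")
```

Running it shows 10.1.5.7 going to the transit gateway even though the peering route is static, because /24 beats /16 before origin is considered, and 10.1.0.5 going to the peering connection rather than over the VPN, which is the shadowing case the final loop reports.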
Summary
Static routes let you be explicit about how traffic is directed, whereas route propagation uses BGP to keep the route table in step with a larger, changing set of remote networks, such as sites connecting over a VPN or an on-premises datacenter connecting via Direct Connect. When both kinds of route match, the longest prefix wins, and for equal prefixes a static route beats a propagated one.