To create a multi-NIC configuration, you must first create an Amazon virtual private cloud (VPC). This is the network environment where your instances will reside.
These tasks are detailed later in this document.
| 1 | Create a VPC | Use the VPC wizard to create a management subnet for administrative access, an external subnet for application access, and a NAT instance for network translation. | |
| 2 | Create an internal subnet | This subnet contains your web servers. | Internal subnet: 10.0.2.0/24 |
| 3 | Add a route to the VPC route table | Add the private IP address of the external subnet as the gateway in a route for outbound traffic. |
| 4 | Create security groups | These groups determine which traffic is allowed in and out of the VPC. | |
Now create the internal subnet in that same availability zone. The internal subnet corresponds to the BIG-IP® internal VLAN.
| Availability Zone | The zone where the other subnets reside |
Amazon security groups control which inbound and outbound traffic is allowed for an EC2 instance.
You can create security groups based on your needs. This specific configuration uses three security groups: one for the BIG-IP® Configuration utility, one for virtual server traffic, and one for internal traffic.
| Name tag | Inbound rules | Source |
| | A secure network or, temporarily, 0.0.0.0/0 for Internet access. |
| | For HTTP and HTTPS, use the port that serves the virtual traffic. Or temporarily, 0.0.0.0/0 for Internet access. |
| | These two ports are used for config sync and failover between BIG-IP VEs. |
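
The Source column allows 0.0.0.0/0 only temporarily, so once setup is finished it is worth checking that no such rule is still in place. The following Python is an added example, not part of the original documentation: it scans security groups in the shape returned by the EC2 DescribeSecurityGroups API and reports every inbound rule whose source is the whole Internet. The group names, port numbers, and the 203.0.113.0/24 admin network are constructed sample values; only 10.0.2.0/24 comes from this page.

```python
import ipaddress


def world_open_rules(groups, expected_public=()):
    """Return (group, protocol, from_port, to_port, cidr) for each inbound rule
    whose source covers every address (0.0.0.0/0 or ::/0).

    Groups named in expected_public are skipped; use this for a group that is
    meant to stay reachable from the Internet.
    """
    findings = []
    for sg in groups:
        name = sg.get("GroupName") or sg.get("GroupId", "unknown")
        if name in expected_public:
            continue
        for perm in sg.get("IpPermissions", []):
            sources = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            sources += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in sources:
                # A prefix length of 0 means "any address", IPv4 or IPv6.
                if ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
                    findings.append((name, perm.get("IpProtocol"),
                                     perm.get("FromPort"), perm.get("ToPort"), cidr))
    return findings


# Constructed sample: one group each for management, virtual server traffic,
# and internal traffic. Names and ports are assumptions for illustration.
SAMPLE_GROUPS = [
    {"GroupName": "bigip-mgmt", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},          # temporary rule left behind
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},     # restricted admin network
    ]},
    {"GroupName": "bigip-external", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    ]},
    {"GroupName": "bigip-internal", "IpPermissions": [
        # Protocol "-1" means all traffic and carries no port range.
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.2.0/24"}]},
    ]},
]

if __name__ == "__main__":
    for finding in world_open_rules(SAMPLE_GROUPS, expected_public={"bigip-external"}):
        print("still open to the Internet:", finding)
```

To run it against a live account, pass the `SecurityGroups` list from a DescribeSecurityGroups response in place of `SAMPLE_GROUPS`.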