Hi, I have an internet-facing NLB with a security group attached to it. One of the rules is an inbound rule to allow the VPC CIDR block, and another rule allows my local machine.
I can connect via my local machine, but if I SSH into an EC2 instance in the VPC and attempt to connect, the same curl command that works locally times out within the VPC.
nvm. If it works with 0.0.0.0/0, what is probably happening is that the DNS entry you are using for the connection is the public DNS. That means your EC2 resolves it to the Internet IP.
So it tries to connect as though this NLB is any other public endpoint.
The traffic that reaches the NLB therefore comes from the EC2's public IP (or the NAT Gateway's).
```
k8s-mongodb-psmdbdbr-460b3e49b0-redacted.elb.eu-west-2.amazonaws.com. 30 IN A 18.x.70.46
k8s-mongodb-psmdbdbr-460b3e49b0-<redacted>.elb.eu-west-2.amazonaws.com. 30 IN A x.9.86.x
```