Understanding Ingress and Egress Traffic

Lab Details:

  1. This lab walks you through the difference between Ingress and Egress Traffic in the Google Cloud Platform.

  2. Duration: 60 minutes

Note: Do not refresh the page after you click Start Lab; wait a few seconds to get the credentials.
If Google asks for verification while you are logging in, enter your mobile number and verify with the OTP. Don't worry, this Google Account will be deleted after the lab.

What is Ingress Traffic?

In simple terms, Ingress Traffic is the number of packets or the amount of data you receive from any source.

What is Egress Traffic?

Egress Traffic is the number of Packets or the amount of data you send to the destination.

Ingress Traffic vs Egress Traffic?

The direction of traffic is relative: the same traffic can be ingress and egress at the same time. For example, suppose you are sending traffic from point A to point B, and there are 2 people standing at points A and B. For the person standing at point A, the traffic is Egress, whereas for the person standing at point B, the same traffic is Ingress.

The terms Source and Destination are of utmost importance when describing traffic.

What are Firewalls in GCP?

A Firewall Rule is always applied within a Network. In GCP the VPC is global in nature, so a Firewall Rule is global as well. Firewall Rules are generally used to control Egress and Ingress Traffic. You need to control the traffic because there can be many malicious attempts on your infrastructure, or because you need to filter the traffic in order to reduce your operational costs.

We can apply firewall rules in the following ways:

  1. Apply to all the instances in the network.

  2. Apply to a specific instance by specifying a tag.

  3. Apply to a service account and use that service account in the VM; the Firewall Rule is then applied to the VM automatically.

Priority in Firewall Rules:

You can think of the Priority as the level of severity. It ranges between 0 and 65535, where 0 means Highest Priority and 65535 means the Lowest Priority.

2 Firewall Rules are automatically applied to a VM when it is created. These are called the Implied Rules.

  1. Allow Egress Rule, i.e. allows the VM to send traffic to the internet. It has a Priority of 65535.

  2. Deny Ingress Rule, i.e. denies all incoming traffic to the VM. It has a Priority of 65535.

4 Firewall Rules are created by default in a Network. 

Following are the rules that are automatically created in a network:

  1. default-allow-icmp (Lets you use tools such as ping)

  2. default-allow-internal (This allows the communication between VMs within the same VPC network)

  3. default-allow-rdp (This lets you connect to instances using the Remote Desktop Protocol)

  4. default-allow-ssh (This lets you connect to instances using SSH)

Components of a Firewall Rule:

  1. Priority: Lies between 0-65535.

  2. Action on Match: If the given parameters/conditions match, allow or deny the traffic.

  3. Target/Destination: Choose the destination from the 3 given choices: all instances in a network, instances by network tag, and instances by service account.

  4. Source: It can be an IPv4 range, a network tag, or a service account depending on the destination.

  5. Protocols and Ports: Specify the Port and Protocols needed for the communication.
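
The following is an added example, not part of the original lab or any Google tooling: a small Python model of how the components above (direction, priority, action, target tag, range, protocol/port) decide the fate of one connection. The rule set, the two deny rule names, the priority values other than 65535, and the IP addresses are constructed for illustration; the model handles IPv4 only.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str
    direction: str                  # "INGRESS" or "EGRESS"
    priority: int                   # 0 = highest, 65535 = lowest
    action: str                     # "allow" or "deny"
    ranges: tuple = ("0.0.0.0/0",)  # source (ingress) or destination (egress) IPv4 ranges
    target_tags: tuple = ()         # empty = all instances in the network
    ports: tuple = ()               # (protocol, port) pairs; empty = every protocol/port

# The two implied rules described above.
IMPLIED = (
    Rule("implied-allow-egress", "EGRESS", 65535, "allow"),
    Rule("implied-deny-ingress", "INGRESS", 65535, "deny"),
)

# Constructed sample rule set; the two deny rules are hypothetical.
SAMPLE_RULES = (
    Rule("default-allow-ssh", "INGRESS", 65534, "allow", ports=(("tcp", 22),)),
    Rule("deny-ssh-to-db", "INGRESS", 1000, "deny", target_tags=("db",), ports=(("tcp", 22),)),
    Rule("deny-egress-smtp", "EGRESS", 1000, "deny", ports=(("tcp", 25),)),
)

def evaluate(rules, direction, peer_ip, protocol, port, vm_tags=()):
    """Return (action, rule_name) for one connection as seen from the VM."""
    peer = ipaddress.ip_address(peer_ip)

    def matches(r):
        return (r.direction == direction
                and (not r.target_tags or bool(set(r.target_tags) & set(vm_tags)))
                and any(peer in ipaddress.ip_network(n) for n in r.ranges)
                and (not r.ports or (protocol, port) in r.ports))

    # Modelling assumption: implied rules are consulted only when no created rule matches.
    hits = [r for r in rules if matches(r)] or [r for r in IMPLIED if matches(r)]
    # Lowest number wins; at equal priority a deny overrides an allow.
    best = min(hits, key=lambda r: (r.priority, r.action != "deny"))
    return best.action, best.name

if __name__ == "__main__":
    for tags in ((), ("db",)):
        print(tags, evaluate(SAMPLE_RULES, "INGRESS", "203.0.113.7", "tcp", 22, tags))
    print(evaluate(SAMPLE_RULES, "EGRESS", "198.51.100.5", "tcp", 443))
```

Running it shows the same SSH connection allowed on an untagged VM and denied on a VM tagged `db`, because the priority 1000 deny is evaluated before the priority 65534 allow.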

Lab Tasks:

  1. Creating 2 VM Instances.

  2. SSHing into the VM.

  3. Egressing and Ingressing traffic between the VMs.
