Public and Private Subnets. You can launch EMR clusters in both public and private VPC subnets. This means you do not need internet connectivity to run an EMR cluster; however, you may need to configure network address translation (NAT) and VPN gateways to access services or resources located outside of the VPC, for example in a corporate intranet or public AWS service endpoints like AWS Key
Adding the NLB private IP address, as I saw in other responses, accomplishes nothing. Traffic is not coming from there, as far as the instances are concerned. On the security angle, nothing changes. Since your instances are in private subnets, traffic cannot flow directly to them, as there is a NAT gateway in the middle.
The next 2 ranges are private (RFC 1918) IP ranges, as they are subnets of 172.16.0.0/12. The next IP range is a subnet of 184.108.40.206/20, which is a public IP network assigned to Pitney Bowes Credit Corporation, so maybe it was selected from a public IP network they really own.
remote access connections from sites which are using private subnets which conflict with your VPN subnets. For example, suppose you use the popular 192.168.0.0/24 subnet as your private LAN subnet. Now you are trying to connect to the VPN from an internet cafe which is using the same subnet for its WiFi LAN.
RFC 1918 Address Allocation for Private Internets February 1996

3. Private Address Space

The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private internets:

10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

We will refer to the first block as

Private IP addresses are routable, albeit they are not publicly routed. Basically, a router will route a private address to private/internal LAN, rather than to the internet. To expand my answer: a router can route a private address to the public side, via its default gateway. However, the packet will be "lost" in transit due to other routers