- I have an internet-facing ALB in VPC1 and an internal NLB in VPC2
- The NLB is pointed at an ECS service and health-checks are healthy
- The ECS Task Security Group allows traffic from VPC1 CIDR as well
- The ALB has an IP target group with the NLB's local IPs registered
- There is an active VPC Peering Connection between the VPCs
- There is a Route Table entry on both of VPC1's subnets to route VPC2's CIDR to the peering connection
- VPC2's default security group also has traffic from VPC1 allowed
- All NACLs are set to allow all traffic

I can hit the ALB fine but I cannot hit the NLB. The ALB target group targets (the two NLB IPs) show as unhealthy.
Is this possible? As far as I can tell the AWS docs say it is. If it is, where is my misconfiguration likely to be?