With regard to NLB, the destination IP of return traffic from the EC2 target group is the client IP (not the NLB IP). In the route table, the default route is the internet gateway. So does this mean return traffic doesn't go via the NLB?
I got hung up on this too. In traditional networking, it couldn't go back through the NLB due to client IP preservation. But because AWS routes by flow and not IP, traffic does go back through the NLB even though it is not proxying. See the slide at 27:00.