The public DNS name (whether elastic IP address or not) is exactly the same as using the public IP address (elastic IP or not) with the one following important difference:

If you query the public DNS name from outside of EC2, it resolves to the public IP address. If you query the public DNS name from inside of EC2, it resolves to the private IP address.

You can use this trick with or without Elastic IP addresses. I recommend using Elastic IP addresses as it keeps the public DNS name the same even after stop/start or moving your service to another EC2 instance. Because of this, you can always use the public DNS name of the Elastic IP address and it will resolve to the internal IP address of the current instance to which the Elastic IP is associated.

You can extend this by using a CNAME DNS entry where you map your preferred hostname to the external DNS name of the Elastic IP.

Here's an article I wrote about using this feature to save money and speed up network performance with internal EC2 communication without having to keep track of the current internal IP address for each instance on all your other instances: http://alestic.com/2009/06/ec2-elastic-ip-internal

Other than this one difference, I agree that you might as well use the public IP address instead of the public DNS name because:

  1. You save time by not doing a DNS lookup

  2. You avoid any security risks that occasionally arise in the DNS protocol.

So I suppose, in reality, right there are two more differences...
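
The inside/outside resolution behaviour described in this answer can be checked per hostname. This is an added example, not part of the original answer: it assumes EC2 public DNS names follow the pattern `ec2-a-b-c-d.<zone>.amazonaws.com` with the public IPv4 address embedded, and the hostname and addresses below are constructed.

```python
import ipaddress
import re

# Assumption (not stated in the answers): EC2 public DNS names look like
# ec2-<a>-<b>-<c>-<d>.<zone>.amazonaws.com and embed the public IPv4 address.
EC2_NAME = re.compile(
    r"^ec2-(\d{1,3})-(\d{1,3})-(\d{1,3})-(\d{1,3})\.[a-z0-9.-]+\.amazonaws\.com\.?$")

# RFC 1918 ranges, listed explicitly: ipaddress.is_private also matches
# documentation ranges such as 203.0.113.0/24, which would skew the result.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def embedded_public_ip(name):
    """Return the public IPv4 address encoded in an EC2 public DNS name, or None."""
    m = EC2_NAME.match(name.lower())
    if not m:
        return None
    try:
        return ipaddress.IPv4Address(".".join(m.groups()))
    except ipaddress.AddressValueError:
        return None  # e.g. an octet above 255


def classify_answer(name, resolved):
    """Classify one address returned for an EC2 public DNS name.

    internal-view: RFC 1918 address, what a resolver inside EC2 returns
    external-view: the public address embedded in the name
    mismatch:      neither; check for a stale record or an untrusted resolver
    """
    expected = embedded_public_ip(name)
    if expected is None:
        return "not-ec2-name"
    addr = ipaddress.ip_address(resolved)
    if any(addr in net for net in RFC1918):
        return "internal-view"
    return "external-view" if addr == expected else "mismatch"


def audit(name, answers):
    """Map each resolved address to its classification."""
    return {a: classify_answer(name, a) for a in answers}


if __name__ == "__main__":
    # Constructed sample: one hostname, answers as seen from three resolvers.
    host = "ec2-203-0-113-25.compute-1.amazonaws.com"
    for addr, verdict in audit(host, ["10.0.5.17", "203.0.113.25", "198.51.100.9"]).items():
        print(f"{host} -> {addr}: {verdict}")
```

Feed it the addresses your own resolver returns for the name; a `mismatch` from a host that should see the internal view is the case worth investigating.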


You'd use the EC2 public address to do things like SSHing into that server, or for interconnecting EC2 instances, or any number of other things.

If you need a consistent address (say to point users at), you'd provision an Elastic Load Balancer or an Elastic IP to sit in front of your instance(s).

Also, within EC2, public DNS resolves to the instance's internal IP, but outside EC2 it resolves to the external IP. This can be useful at times, as communicating between EC2 nodes using the private IP saves you money.


Well, they only change when you stop the instance. If your instance is going to be long-lived, you can just point a CNAME to it and it will work. They're not completely useless, they are just transient.


You can use Elastic IPs.

Here is an article on them:

http://aws.amazon.com/articles/1346