How to ping / traceroute an AWS ELB

This is possible in a VPC, but not in stock EC2.


Yes, this works for Classic Load Balancers and Application Load Balancers. Go into your security group settings and permit incoming ICMP traffic on the one that is assigned to your ELB. Security groups work the same whether they're assigned to an ELB or EC2 instance.

I just tested and confirmed:

[jjbegin@bane ~]$ ping elb01-2026631704.us-east-1.elb.amazonaws.com 
PING elb01-2026631704.us-east-1.elb.amazonaws.com (107.23.23.138) 56(84) bytes of data.
64 bytes from ec2-107-23-23-138.compute-1.amazonaws.com (107.23.23.138): icmp_seq=1 ttl=51 time=36.2 ms
64 bytes from ec2-107-23-23-138.compute-1.amazonaws.com (107.23.23.138): icmp_seq=2 ttl=51 time=35.9 ms
^C
--- elb01-2026631704.us-east-1.elb.amazonaws.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1473ms
rtt min/avg/max/mdev = 35.985/36.121/36.258/0.233 ms
[jjbegin@bane ~]$ 

NOTE: This does not work for Network Load Balancers (NLB). They do not have security groups and all ICMP packets except for Type 3 (Destination Unreachable) are considered "Unintended traffic" and are not forwarded to any targets.
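The security group change described in the answer above, as an added example that is not part of the original answers: it permits only ICMP echo request (type 8) from one trusted source range instead of all ICMP from anywhere, and removes the rule again after testing. It assumes the AWS CLI is installed and configured; the script name, function names, group ID and CIDR are placeholders chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the original answers). Hypothetical usage:
#   ./elb-ping.sh allow  sg-EXAMPLE 203.0.113.0/24
#   ./elb-ping.sh revoke sg-EXAMPLE 203.0.113.0/24

# Print the --ip-permissions JSON for ICMP echo request from one IPv4 CIDR.
# In an ICMP rule, FromPort carries the ICMP type and ToPort the ICMP code
# (-1 means every code), so FromPort=8 limits the rule to echo request.
icmp_echo_permission() {
    cidr=$1
    if ! printf '%s\n' "$cidr" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'; then
        echo "not an IPv4 CIDR: $cidr" >&2
        return 2
    fi
    # A /0 prefix would answer ping from every address; require a real range.
    case $cidr in
        */0) echo "refusing to open ICMP to $cidr" >&2; return 3 ;;
    esac
    printf '[{"IpProtocol":"icmp","FromPort":8,"ToPort":-1,"IpRanges":[{"CidrIp":"%s"}]}]\n' "$cidr"
}

# Add the rule to the security group assigned to the load balancer.
allow_ping() {
    perms=$(icmp_echo_permission "$2") || return
    aws ec2 authorize-security-group-ingress \
        --group-id "$1" --ip-permissions "$perms"
}

# Remove the same rule once the connectivity test is done.
revoke_ping() {
    perms=$(icmp_echo_permission "$2") || return
    aws ec2 revoke-security-group-ingress \
        --group-id "$1" --ip-permissions "$perms"
}

# Dispatch on the first argument; with no arguments nothing is changed.
case "${1:-}" in
    allow)  allow_ping  "$2" "$3" ;;
    revoke) revoke_ping "$2" "$3" ;;
esac
```

Traceroute implementations that probe with UDP or TCP rather than ICMP echo are not covered by this rule.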