How to address an EC2 instance from both inside and outside the datacenter?

Associating an Elastic IP with the instance is how this is done.

Be aware that unless you are using VPC, your Elastic IP will disassociate if you stop the instance, and you will have to manually reassociate it when you restart the instance.


Here are the standard best practice steps for the most flexible, efficient, and cost-effective approach:

  1. Create an Elastic IP address and associate it with the instance.

  2. Create a DNS entry which is a CNAME pointing to the external DNS name for the elastic IP address.

  3. Whenever you stop/start the instance (or wish to point the name to a new instance) simply associate the Elastic IP address with the desired instance. No DNS updates required.

Use the new DNS name both inside and outside of EC2.

When the DNS name is used outside of EC2, it will resolve to the public IP address of the instance (i.e., the Elastic IP address).

When the DNS name is used inside of EC2 (in the same region as the instance) it will resolve to the then-current private IP address of the instance to which the Elastic IP address is associated.

This makes your internal network traffic faster and cheaper between the EC2 instances accessing the server. It also allows you to use security groups to allow access to specific ports from other EC2 instances.

I go into more details in this article: http://alestic.com/2009/06/ec2-elastic-ip-internal

If you use VPC, you don't need to reassociate the Elastic IP address after stop/start; otherwise everything works the same.
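The following is an added example, not part of the original answers: it derives the CNAME target for step 2 from an Elastic IP and checks that the name resolves as described (private address inside EC2, the Elastic IP outside). Assumptions: Route 53 hosts the zone, the region is a standard commercial one, and the name `app.example.com` and all addresses are constructed sample values.

```python
import ipaddress
import json

# Private ranges that EC2 instances receive; used to tell the inside view from the outside one.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(addr):
    ip = ipaddress.IPv4Address(addr)  # raises ValueError on malformed input
    return any(ip in net for net in RFC1918)


def eip_public_dns(elastic_ip, region):
    """External EC2 DNS name for an Elastic IP: the CNAME target in step 2."""
    if is_rfc1918(elastic_ip):
        raise ValueError("private address, not an Elastic IP")
    host = "ec2-" + str(ipaddress.IPv4Address(elastic_ip)).replace(".", "-")
    # us-east-1 keeps the legacy compute-1 suffix; other regions embed the region name.
    if region == "us-east-1":
        return host + ".compute-1.amazonaws.com"
    return "%s.%s.compute.amazonaws.com" % (host, region)


def cname_change_batch(name, elastic_ip, region, ttl=300):
    """Route 53 change batch (assumed DNS host) pointing `name` at the EIP's DNS name."""
    return {"Changes": [{"Action": "UPSERT", "ResourceRecordSet": {
        "Name": name, "Type": "CNAME", "TTL": ttl,
        "ResourceRecords": [{"Value": eip_public_dns(elastic_ip, region)}]}}]}


def split_horizon_ok(inside_answer, outside_answer, elastic_ip):
    """True when the inside lookup is private and the outside lookup is the EIP.

    If the inside lookup returns the public address, traffic leaves via the
    public path and security-group rules keyed on other instances stop matching.
    """
    return is_rfc1918(inside_answer) and outside_answer == elastic_ip


if __name__ == "__main__":
    # Constructed sample values (203.0.113.0/24 is a documentation range).
    print(json.dumps(cname_change_batch("app.example.com.", "203.0.113.25", "us-east-1"), indent=2))
    print(split_horizon_ok("10.0.1.17", "203.0.113.25", "203.0.113.25"))
```

The printed JSON can be saved to a file and passed to `aws route53 change-resource-record-sets --change-batch file://...`; feed `split_horizon_ok` the answers from one lookup run on an instance in the region and one run from outside EC2.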