EC2 instances in VPC and access to the Internet

I am playing a bit with AWS. I created one VPC (with the 10.1.0.0/24 network) and two EC2 instances attached to it. One EC2 instance has 10.1.0.4, the second 10.1.0.5. I allocated one Elastic IP to the VPC and associated it with the network interface which belongs to the 10.1.0.4 EC2 instance. The VPC is a custom one created by me. One of the most important things for me is that the public IP must be retained (the payment provider requires this). The problem is that from the first EC2 instance (10.1.0.4) I can access the Internet, but from the second one (10.1.0.5) it's totally impossible. It must be said that the first EC2 instance (.0.4) should be a web server while the second one (.0.5) is a database server.

What am I doing wrong? Is the above configuration good for what I want to achieve?

Thank you in advance for any tip.

Piotr


Solution 1:

Instances in a VPC only have access to the public internet if they have an Elastic IP or if their subnet is routed through a NAT instance. Assign an Elastic IP (if you like, you can have this done automatically on launch so you don't have to worry about associating/disassociating) and it'll have access.

Solution 2:

Not quite sure the answer flagged as correct is actually correct.

Every Amazon account now has a default VPC (this wasn't always the case) which has an Internet Gateway, an RFC 1918 subnet and a Default route table which routes all non-local traffic to the Internet.

Depending on which VPC you are operating in, deployed instances will or will not have a public IP address attached to them by default. Any instance deployed in the default VPC will have a public IP address attached. Any instance launched in a non-default VPC will not unless you specify that it should.

A public IP address is not the same as an Elastic IP address, in that a public IP address is ephemeral (i.e. once you stop the instance, you lose that address).

If you have launched your instance with the option to attach a public IP, and launched into the default VPC, there should be no requirement to attach an Elastic IP address.

You should be able to launch hundreds of instances with internet access, without the need to have Elastic IP addresses attached to each.

I imagine your issue is that you launched one of your instances into a non-default VPC without the option to attach a public IP address.

See: Amazon EC2 Instance IP Addressing.

Solution 3:

By default there is no internet access to the VPC.

On your VPC dashboard click Route Tables, then click Routes. Click Edit, then add the following information: 0.0.0.0/0 & InternetGateWayName. Click Save. That's it.

Solution 4:

Under the VPC Dashboard >> Route Tables:

Make sure the route table for your VPC has a CIDR block assigned to your Internet Gateway (VPC Dashboard >> Internet Gateway).

Destination    Target         Status    Propagated
172.31.0.0/16  local          Active    No
0.0.0.0/0      igw-8fc8d4ed   Active    No

The example above shows the CIDR block 0.0.0.0/0 assigned to gateway igw-8fc8d4ed.
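
The checks from the answers above (default route, public or Elastic IP, NAT) combined into one diagnosis, as an added example that is not part of any answer. It runs over constructed dictionaries that use the field names of the EC2 DescribeRouteTables and DescribeInstances responses; the gateway and instance IDs and the 203.0.113.10 address are placeholders.

```python
def default_route(routes):
    """Return the active route covering all IPv4 destinations, or None."""
    for route in routes:
        if route.get("DestinationCidrBlock") == "0.0.0.0/0" and route.get("State") == "active":
            return route
    return None

def egress_path(instance, route_table):
    """Explain how (or why not) an instance in this subnet reaches the Internet."""
    route = default_route(route_table["Routes"])
    if route is None:
        return "none: no active 0.0.0.0/0 route in the subnet's route table"
    if route.get("GatewayId", "").startswith("igw-"):
        # An internet gateway only translates for instances that own a public
        # address; an associated Elastic IP also appears as PublicIpAddress.
        if instance.get("PublicIpAddress"):
            return "igw: direct via " + instance["PublicIpAddress"]
        return "none: route points at an internet gateway but the instance has no public or Elastic IP"
    if route.get("NatGatewayId") or route.get("InstanceId") or route.get("NetworkInterfaceId"):
        # Outbound-only path: no public address on the instance itself.
        return "nat: outbound through a NAT device"
    return "none: default route has an unrecognised target"

# Constructed sample data modelled on the question's setup.
RT_IGW = {"Routes": [
    {"DestinationCidrBlock": "10.1.0.0/24", "GatewayId": "local", "State": "active"},
    {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-EXAMPLE", "State": "active"},
]}
RT_NAT = {"Routes": [
    {"DestinationCidrBlock": "10.1.0.0/24", "GatewayId": "local", "State": "active"},
    {"DestinationCidrBlock": "0.0.0.0/0", "InstanceId": "i-NATEXAMPLE", "State": "active"},
]}
RT_LOCAL_ONLY = {"Routes": [RT_IGW["Routes"][0]]}

WEB = {"PrivateIpAddress": "10.1.0.4", "PublicIpAddress": "203.0.113.10"}  # has the Elastic IP
DB = {"PrivateIpAddress": "10.1.0.5"}                                      # no public address

if __name__ == "__main__":
    for name, inst, rt in [("web", WEB, RT_IGW), ("db", DB, RT_IGW),
                           ("db behind NAT", DB, RT_NAT), ("db, no route", DB, RT_LOCAL_ONLY)]:
        print(f"{name:14} -> {egress_path(inst, rt)}")
```

For the database server in the question, the NAT case is the one that gives it outbound access without exposing it on a public address.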