I have created an Elastic IP. The IP address listed seems to be stable. It is associated with an instance. However, I get this weird behaviour:
The public DNS listed for that IP contains a different address than the literal IP address.
The public DNS does not resolve to the Elastic IP; it resolves to the IP implied by the DNS name.
Stopping and starting the instance changes the IP address.
I've tried creating a new elastic IP address and a new instance and associating them, and I experience the same bug. What's going on here?
I'm assuming you are looking at the AWS console, not the output of a program using the API directly.
The "public DNS" you see in the console is the public DNS of the instance, not of the elastic IP address. If the instance is associated with an ElasticIP, its public DNS should include the ElasticIP in it and resolve to the ElasticIP. Since it isn't, I suspect a bug in the AWS console. I've noticed a lot of lag in it showing the addresses when ElasticIP addresses are associated or disassociated. To confirm this, you might try completely clearing your browser history and cookies and reconnecting to the console, to see if the display is now right. Or you could use a browser's incognito or private browsing mode.
If you create the obvious public DNS to match your ElasticIP address, I'll bet it resolves correctly.
Yes, the public Elastic IP address is stable (which, of course, is why they exist).
Are you referring to the fact the DNS name will resolve to a different IP address depending on whether you are resolving inside or outside AWS?
If so, this is a feature not a "bug".
If you look up a host name from outside AWS you get the public IP. If you look up the same name from, say, the command line of an EC2 instance you get the private IP (typically a 10.0.0.0 address).
This means that you can refer to an instance by a single name but internal traffic is automatically routed over the local network and not over the (billable) public interface.
Related
I ran the rescue program to generate a new private key for my AWS EC2 instance. There seems to be a new instance with the same old instance-id but a new public DNS. Is there a way I can get back to my old public DNS? Everything I had was written to call the old public DNS (server name url) .... Thank you. (AWS documentation is very hard to follow.)
The only way to 'keep' a public IP address is to create an Elastic IP. This is a static IP address that is associated with your AWS Account and can be assigned to an Amazon EC2 instance.
Typically, it is best to avoid requiring a specific IP address. This can be done by using a DNS name that resolves to an IP address, thereby allowing the IP address to change.
However, sometimes people need a static IP address for whitelisting (eg calling an API from a 'known' IP address). Elastic IPs are available for this purpose.
I have an instance inside a VPC with DNS hostnames & DNS resolution enabled
Today, each instances I spawn get the hostname & Private IP DNS name as
ip-xx-xx-xx-xx.ec2.internal
The problem with this is everytime my instance is terminated and I have to replace it, the IP address is going to change. Other machines in the same VPC need a deterministic way to access this instance. e.g. by connecting to mymasterinstance.dev. Any idea how do I give an internal / private DNS for my instance?
Private IP addresses on Amazon EC2 instances do not change. Therefore, the other machines could simply reference the private IP address.
Alternatively, you can create a "Private hosted zone" in Amazon Route 53 and create an A-Record to associate a domain name (eg mymasterinstance.dev) with the private IP address of the instance.
The public IP address on an instance will change when the instance is Stopped and Started (but will not change when the instance is Rebooted). If you require a static public IP address, you can create an Elastic IP Address and associate it with the instance.
Another perhaps simpler way to do this is to add a second IP address to your EC2 instance. When you terminate an instance, and add back a "replacement" instance, set its second IP address to what the terminated instance's second IP address was. Then you can do all of your referencing directly by IP address and you have full control over that second IP address. None of your configs needs to change.
I have an instance running on AWS. I have stopped it and then restarted it after few hours. Now I am unable to access my website by a domain name but it is accessible by its ip
Looking for a solution so that I am able to access it with domain name also.
As this is your personal domain, the likely scenario is that when your instance rebooted the IP address changed.
You can validate this by comparing the public IP address in the AWS Console to the IP address entered in your DNS configuration for your domain.
This is expected behaviour for the standard public IP address for EC2 hosts, if you want to resolve this you will need to create an elastic IP address and associate it to the instance you have.
Once this has been associated update your DNS record to use the new public IP that has been assigned (the EIP). This will then allow you to reboot your instance without the risk of losing your IP. In addition be aware that based on the TTL of your domain you will need to wait for the DNS to propagate.
I am new to AWS and tried to create an EC2 instance.
I have a domain and ready to modify the A record to the associated EC2 instance.
I found an article that said an elastic IP is required for associating a production domain.
But AWS provides a public IP and it is accessible on the public internet too (i know it changes after restart, just assuming its okay to modify the A record after the machine is restarted - actually it is not restart very often).
In this case, is it a must that to assign an elastic IP to the instance (this instance contains no load balancing, it is only a simple single instance)?
If yes, why is it necessary?
An Elastic IP (EIP) is not necessary provided that you understand the limitations of public IPs. You may not reboot your instance, but AWS might for any number of reasons. This means that the public IP address could change when you are not expecting it.
When an EIP is assigned to a running EC2 instance, there are no charges for the EIP e.g. it is free. Therefore why go thru the hassle of needing to monitor your public IP address.
I created an Ubuntu instance in AWS. I assigned an IP address from which I can connect to the instance from outside using PuTTY. Now I've changed my location and my IP address is different so I cannot connect to the instance with PuTTY any more. I'm trying to add another IP address (my current IP) to the instance network settings but for some reason AWS says it cannot accept the address:
IP Address not in Subnet
What does it mean? Why does it require an address in Subnet?
My questions are:
How to bypass it? or
How to change settings so that it could accept any arbitrary IP I provede? or
How to include any arbitrary IP into the Subnet of addresses? or
How can I just change previous initial address to a new one?
Your question is somewhat confusing, so I'll list my assumptions as I go along.
I assigned an IP address from which I can connect to the instance from outside using PuTTY
Are you talking about Elastic IP, and connecting to the instance from the internet? If so, it is irrelevant to being able to assign private IP.
Now I've changed my location
What does it mean? The location of EC2 instance? Like, a different region or something?
my IP address is different
The IP of the instance, right? So, why can't you connect to this new IP?
The bottom line, you can add another private IP on the same subnet. That will not allow you to connect to a diiferent private IP, if you can't connect to original IP. If you are trying to do something different, please clarify!
I accidentally found the reason of an issue. It has nothing to do with private IP addresses.
"Security groups" are responsible for connection to the instance from outside (from internet using PuTTY). Since my IP has changed I have to reflect it in settings for the instance. See the "Security groups" of your instance and then select the appropriate to adjust:
In PuTTY:
Host name (or IP address) field: ubuntu#Public DNS or Public IP of your instance
Connection > SSH > Auth: use ssh2dsa.ppk or ssh2rsa.ppk, both seems to work fine