Configuring elastic IP addresses with AWS
Like it or not, there’s no escaping the cloud. And because there’s no escaping it, it’s vital for network engineers to fully understand it. A full understanding of the cloud will prove incredibly useful, but you’ll also need working-knowledge of at least one main cloud provider. Currently, the top two players include Amazon and Microsoft, with many other providers biting at their heels. In this post, we’ll focus on Amazon. We’ll go over a few different features used in Amazon’s cloud offerings, specifically the ability to assign a static public IP address to an EM2 instance (compute).
Wait. What’s the difference between a private and public IP address?
Let’s do a quick review of the differences between a private and public IP address and how they’re generally used. Both private and public IP addresses are routable across a network. Where they differ is whether or not they’re allowed to be routed over a public network, like the Internet.
Private IP addresses are commonly used on private networks because they allow the enterprise to determine how to best organize their addressing plan. For example, they could split their addressing by department, building, or floor. This is no different when deploying an EC2 instance on Amazon’s network; it utilizes private addresses inside its network.
Public IP addresses, on the other hand, can be routed on both private and public networks. Typically, private IP addresses are translated via Network Address Translation (NAT) on the border between an enterprise and the Internet; this is also true with Amazon’s network.
IP addressing with Amazon’s EC2 service
The addressing used depends on your Amazon networking configuration but, generally, newer customers use the Virtual Private Cloud (VPC). VPC offers the ability to have an isolated network that’s dedicated to you, that you can control.
Here are just a few of the things you can control with VPC’s isolated network:
- Which private addressing range is used
- How addresses are assigned
- The network’s connectivity to the outside world
The key thing to remember is that the assigned private IP addresses are used to communicate with devices inside Amazon’s network, specifically inside a VPC.
To access the Internet, a VPC can be configured with an Internet gateway, which allows an EC2 instance to access it. However, without an instance configured with a public IP address, it can’t access the Internet. By default (on new accounts), a VPC is automatically created for any EC2 instances created, this VPC is configured to automatically assign every new instance with a private IP address and a public IP address that’s used once traffic has passed through the Internet gateway (NAT).
Public vs. elastic IP addresses
This heading itself is a bit of a fallacy, but it’s often the way elastic IP addresses are distinguished from “normal” public IP addresses. In Amazon’s case, public IP addresses are assigned to EC2 instances that are configured to receive a public IP address but are not assigned an elastic one. It’s important to note that public and elastic IP addresses are both actually public, and they each allow an instance to communicate onto the Internet.
Public and elastic IP addresses differ in how long they’re associated with a specific EC2 instance. A public IP address is assigned to an EC2 instance on launch and will remain assigned until the instance is stopped (there are some reports that this address is lost on restart, but I didn’t witness this during testing). At this point the IP address is released back into Amazon’s pool of IP addresses. When the instance is restarted, it’s assigned a new IP address from this pool.
When using elastic IP addresses, an address is allocated and associated with a specific instance. And from this point forward, that address will remain linked with that instance until it’s disassociated from it. Since IPv4 addresses are scarce, Amazon will bill for this elastic IP address if it’s associated with an instance that isn’t currently running.
Using elastic IP addresses
One common reason to use an elastic IP address is the ability to associate it to an active instance. In this case, if there’s a failure, it offers the ability to quickly disassociate it with the failed instance and re-associate it with a new instance. Just keep in mind that elastic IP addresses are region-specific, but can be used across availability zones.
The process to allocate and associate an elastic IP address is easy, let’s cover the steps involved. We’ll start with the image below which shows an EC2 instance that has launched and is running. It’s currently allocated with a public IP address (126.96.36.199). This address would be lost should the instance be stopped or shutdown.
To begin, an elastic IP address must be allocated. We do this by clicking ‘Elastic IPs’ to the left of the screen. This is how it looks.
Once the ‘Allocate new address’ button is clicked, the screen shown below will be displayed, verifying the allocation.
Once the ‘Allocate’ button has been clicked, it will advance to the screen (shown below). On this screen you’ll see the new elastic IP address that’s been allocated; in this case it’s 188.8.131.52.
Once an Elastic IP address has been allocated it can be associated with an EC2 instance. To start, click on the ‘Actions’ button, then the ‘Associate address’ button. This menu is shown in below.
This brings up the Associate address screen, where an elastic IP address can be associated with either a specific instance or a specific Network interface. In this case, the instance ID shown earlier is shown and selected. Once selected, click on the ‘Associate’ button.
If successful, the result will look like this:
Once this action is complete, the elastic IP address will have overridden the previously assigned public IP address. This address will now be linked with this specific instance (or network interface) until it’s disassociated.
Whether you’re just beginning to explore the world of cloud computing or you’re a seasoned network administrator or engineer, it never hurts to expand your skills. Understanding how Amazon organizes its EC2 offerings and the networking associated with them is a great place to start. Additionally, if you have active EC2 instances, you can benefit from the functionality of elastic IP addresses.