Post

NetworkSec - VPC - ENI

Posted
By Grace L
2 min read

Elastic IP

Elastic IP address

basic

  • a static and public IPv4 address designed for dynamic cloud computing.

  • can be attached to EC2 instance.
    • associate an Elastic IP address with any instance or network interface for any VPC in your account.
  • can mask the failure of an instance or software
    • by rapidly remapping the address to another instance in your VPC
    • allowing users and clients to use the same IP address with replacement resources.
      • An Elastic IP address is assigned to any Amazon EC2 instance.
      • If that Amazon EC2 instance failed,
      • a new Amazon EC2 instance could be launched with that IP address and the application does not require any changes as it will have the same IP address.
      • Screen Shot 2022-07-04 at 16.54.26

Implement

  • Associating the Elastic IP address with the Network interface has an advantage over associating it directly with the instance.
  • move all of the attributes of the network interface from one instance to another in a single step.
  • Additional costs might apply

ENI - Elastic Network Interface

Screen Shot 2022-07-04 at 16.58.39

  • a virtual network interface that can attach or detach from an instance in a VPC.
    • A network interface’s attributes follow it when it is reattached to another instance.
    • move a network interface from one instance to another, network traffic is redirected to the new instance.

Primary / Secondary network interface

  • Each instance in VPC has a default network interface (primary network interface)
    • a private IPv4 address from the IPv4 address range of your VPC.
  • can create and attach an additional network interface to any instance in your VPC.
    • The number of network interfaces you can attach varies by instance type.
  1. configuring network interfaces
    • attach a network interface to an instance
    • when it’s running (hot attach),
    • when it’s stopped (warm attach),
    • when the instance is being launched (cold attach).
  2. can detach secondary network interfaces when the instance is running or stopped.
    • primary network interface cannot detach from instance.

  3. can move a network interface from one instance to another, if the instances are in the same Availability Zone and VPC but in different subnets.

  4. When launching an instance using the CLI, API, or an SDK, can specify the primary network interface and additional network interfaces.

  5. configures interfaces
    • A warm / hot attach of additional network interface
    • may require manually bring up the second interface, configure the private IPv4 address, and modify the route table accordingly.
    • Instances running Amazon Linux or Windows Server
    • automatically recognize the warm or hot attach and configure themselves.
    • automatically configures interfaces, private IPv4 addresses, and route tables on the operating system of the instance.

  6. Attaching another network interface to an instance (for example, a NIC teaming configuration) cannot increase or double the network bandwidth to or from the dual-homed instance.

  7. If you attach two or more network interfaces from the same subnet to an instance, you may encounter networking issues such as asymmetric routing.
    • If possible, use a secondary private IPv4 address on the primary network interface instead.

.

01AWS, Network
AWS Network VPC
This post is licensed under CC BY 4.0 by the author.

Comments powered by Disqus.