Firewall – What could prevent one Amazon EC2 instance from pinging another instance’s Private IP

amazon-ec2, firewall, ip, ip-address, networking

I have multiple Amazon EC2 instances which need to communicate using private IPs. However, so far I've been unable to ping one instance's private IP from another instance.

I can ping external addresses, such as their Elastic IPs and other sites (yahoo, google, etc), so it seems there's nothing wrong with the instances' network configuration.

Also, they are all in the same zone, so that shouldn't be an issue.

Does anyone have any idea what I could be doing wrong? Could this be related to the Security Group settings?

Best Answer

It turns out the problem was the Security Group settings after all.

I had been IP-restricting traffic, so only my external IP could communicate with the instances. I assumed the Security Groups didn't apply to communication between instances, but they do.

The solution was to also allow traffic from 10.0.0.0/8, which covers all possible EC2 private IPs. It would be more secure to only allow traffic from specific private IPs, but that's a hassle since they can change.

This solves my problem for now. Probably the best solution would be to utilize Amazon's API to automatically tweak the Security Group IP-restrictions when instances are stopped and started.
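As an added example that is not part of the original question or answer: instead of opening 10.0.0.0/8 (which admits every host in that range, not only your own instances) or chasing changing private IPs with the API, a security group can name itself as the source of an ingress rule, so membership follows the instances across stop/start cycles. It assumes the AWS CLI is installed and configured; `sg-PLACEHOLDER` stands in for your group id, and `DRY_RUN` is a local convention of this script, not a CLI feature.

```shell
#!/bin/sh
# Added example, not code from the original page. Grants ICMP echo (ping)
# between members of one security group by making the group reference
# itself as the rule source, rather than allowing 10.0.0.0/8.
# Assumptions: AWS CLI configured; GROUP_ID is your security group id
# (placeholder below). DRY_RUN=1 prints the commands instead of running them.

GROUP_ID="${GROUP_ID:-sg-PLACEHOLDER}"
DRY_RUN="${DRY_RUN:-0}"

# run: print the command in dry-run mode, otherwise execute it.
run() {
    if [ "$DRY_RUN" = "1" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# Allow ICMP type 8 (echo request) with any code (ToPort=-1) from
# instances that are members of the same group. Because the source is the
# group and not a CIDR, private IPs that change after a stop/start still
# match, and hosts outside the group (even with a 10.x address) do not.
allow_ping_within_group() {
    run aws ec2 authorize-security-group-ingress \
        --group-id "$1" \
        --ip-permissions "IpProtocol=icmp,FromPort=8,ToPort=-1,UserIdGroupPairs=[{GroupId=$1}]"
}

# Check what the group currently allows for ICMP, to confirm the rule
# landed and that no wider CIDR rule (such as 10.0.0.0/8) is still present.
show_icmp_rules() {
    run aws ec2 describe-security-groups --group-ids "$1" \
        --query "SecurityGroups[0].IpPermissions[?IpProtocol=='icmp']" \
        --output table
}

# Pass "apply" as the first argument to run against your account.
if [ "${1:-}" = "apply" ]; then
    allow_ping_within_group "$GROUP_ID"
    show_icmp_rules "$GROUP_ID"
fi
```

Run with `DRY_RUN=1 GROUP_ID=sg-PLACEHOLDER sh script.sh apply` first to review the exact commands before applying them.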