Linux – EC2 elastic IP not resolving to private IP on debian instance

Tags: amazon-ec2, amazon-web-services, debian-wheezy, linux

I've read on many sites that the answer to attaching multiple public IP addresses to an EC2 instance (for SSL, redirection, whatever purposes) is to create multiple private IP addresses, attach elastic IP addresses to aforementioned private addresses, making sure that the private IP address ENIs are attached to the EC2 instance, and finally ensuring that a corresponding network interface is created and configured on the OS running on the EC2 instance.

So if I'm correct in understanding, as long as the private IP address is linked to an EC2 instance and subsequently configured on it, an elastic IP will resolve to that private IP address, thus to that machine (provided the network interface is correctly set up on the machine and corresponds to the attached ENI).

I cannot for the life of me, get this to work. I have a new ENI, with a new private IP, which is attached to my instance. I have an elastic (public) IP linked up to the private IP on that ENI.

I've created a new network interface on my Debian 7 machine (eth1, which was assigned by AWS when I created the second ENI) using the private IP, as follows:

auto lo
iface lo inet loopback
auto eth0 eth1
iface eth0 inet dhcp
iface eth1 inet static
  address xxx.xxx.xxx.xxx
  netmask xxx.xxx.xxx.xxx

EDIT: I've also tried

auto lo
iface lo inet loopback
auto eth0 eth1
iface eth0 inet dhcp
iface eth1 inet dhcp

I've verified that the private IP address and second interface are correctly installed through an "ifconfig" command, which shows both eth0 and eth1. I can ping the private IP address. I have the corresponding public IP set in DNS (which is supposed to resolve to the private IP).

To make a long story short, I cannot ping the A name that maps to my second public IP, or the IP itself. They all time out. My firewall permits ICMP requests and my AWS security group allows all ports/hosts inbound and outbound.

What on earth am I missing? I've been stuck on this for nearly three days now. I feel like I'm close, but it must be something obvious.

ping dev2.my.tld
PING dev2.my.tld (xxx.xxx.xxx.xxx) 56(84) bytes of data.
^C
--- dev2.my.tld ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3022ms

Best Answer

I had a similar issue but I was able to solve it by modifying the routing. I had to add these routes in my /etc/networking/interfaces file:

auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
post-up ip route add default via g.g.g.g dev eth0 tab 1
post-up ip rule add from x1.x1.x1.x1/32 tab 1 priority 500

auto eth1
iface eth1 inet dhcp
post-up ip route add default via g.g.g.g dev eth1 tab 2
post-up ip rule add from x2.x2.x2.x2/32 tab 2 priority 600

where x1.x1.x1.x1 and x2.x2.x2.x2 are my Private IP addresses. g.g.g.g is the IP gleaned from the existing route table. To get it, run ip route show on the command line and make a note of the IP with the line default via g.g.g.g dev eth0

Once I rebooted networking, everything worked.

I was able to piece this together through the following forum post on AWS: https://forums.aws.amazon.com/message.jspa?messageID=404454
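An added example, not code from the original question or answer: the shell functions below build the per-ENI `post-up` stanza the answer describes (a default route per interface in its own table, plus a source-address rule selecting that table), and check that the rules are present afterwards. Interface names, private IPs, table ids and the sample `ip route show` / `ip rule show` output are constructed assumptions; it assumes both ENIs share one subnet gateway, as the answer's configuration does.

```shell
#!/bin/sh
# Added example (not from the original post). Generates the policy-routing
# lines for a secondary ENI and verifies the resulting rules. Without such
# rules, replies sourced from the second private IP leave via eth0, an ENI
# that does not own that address, and never reach the elastic IP's client.

# Print the default gateway for interface $1 from `ip route show` output
# read on stdin (line shape: "default via G dev IFACE ...").
default_gateway() {
    awk -v dev="$1" '$1 == "default" && $2 == "via" && $4 == "dev" && $5 == dev { print $3; exit }'
}

# Emit the two post-up lines for one ENI.
# $1 iface, $2 private IP, $3 gateway, $4 table id, $5 rule priority
policy_route_stanza() {
    printf 'post-up ip route add default via %s dev %s tab %s\n' "$3" "$1" "$4"
    printf 'post-up ip rule add from %s/32 tab %s priority %s\n' "$2" "$4" "$5"
}

# Exit 0 when `ip rule show` output on stdin has a rule for source $1.
# Run this after restarting networking: a missing rule means traffic from
# that private IP is still routed by the main table, i.e. out of eth0.
has_source_rule() {
    awk -v ip="$1" '$2 == "from" && $3 == ip { found = 1 } END { exit !found }'
}

# Constructed sample of `ip route show` on a host with only eth0 configured.
SAMPLE_ROUTES='default via 10.0.0.1 dev eth0
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.10'

# Constructed sample of `ip rule show` after both rules were applied.
SAMPLE_RULES='0:      from all lookup local
500:    from 10.0.0.10 lookup 1
600:    from 10.0.0.20 lookup 2
32766:  from all lookup main'

# Build the stanzas for eth0 (10.0.0.10) and eth1 (10.0.0.20) using the
# gateway gleaned from the sample route table, then confirm the eth1 rule.
demo() {
    gw=$(printf '%s\n' "$SAMPLE_ROUTES" | default_gateway eth0)
    policy_route_stanza eth0 10.0.0.10 "$gw" 1 500
    policy_route_stanza eth1 10.0.0.20 "$gw" 2 600
    printf '%s\n' "$SAMPLE_RULES" | has_source_rule 10.0.0.20 \
        && echo "rule for 10.0.0.20 present"
}
demo
```

On a live instance, replace the constructed samples with `ip route show` and `ip rule show` piped into the same functions.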