Feature Guide: Amazon EC2 Elastic IP Addresses

Articles & Tutorials>Feature Guide: Amazon EC2 Elastic IP Addresses
This guide introduces Elastic IP Addresses for Amazon EC2.

Details

Submitted By: Santiago@AWS
AWS Products Used: Amazon EC2
Created On: March 26, 2008 11:38 PM GMT
Last Updated: November 16, 2012 12:15 AM GMT

Introduction

Elastic IP addresses are static IP addresses designed for dynamic cloud computing. An Elastic IP address is associated with your account, not a particular instance, and you control that address until you choose to explicitly release it. Unlike traditional static IP addresses, however, Elastic IP addresses allow you to mask instance or availability zone failures by programmatically remapping your public IP addresses to any instance associated with your account. Rather than waiting on a data technician to reconfigure or replace your host, or waiting for DNS to propagate to all of your customers, Amazon EC2 enables you to engineer around problems with your instance or software by programmatically remapping your Elastic IP address to a replacement instance.


Definitions

  • EC2 Private IP Address: The internal RFC 1918 address of an instance that is only routable within the EC2 Cloud. Network traffic originating outside the EC2 network cannot route to this IP, and must use the Public IP or Elastic IP Address mapped to the instance.
  • EC2 Public IP Address: Internet routable IP address assigned by the system for all instances. Traffic routed to the Public IP is translated via 1:1 Network Address Translation (NAT) and forwarded to the Private IP address of an instance. The mapping of a Public IP to Private IP of an instance is the default launch configuration for all instance types. Public IP Addresses are no longer usable upon instance termination.
  • EC2 Elastic IP Address: Internet routable IP address allocated to an AWS EC2 account. Similar to EC2 Public Address, 1:1 NAT is used to map Elastic IP Addresses with their associated Private IP addresses. Unlike a standard EC2 Public IP Address, Elastic IP Addresses are allocated to accounts and can be remapped to other instances when desired.

Prerequisites

Before you begin, make sure you are using the right versions of our WSDL, API Tools, and API:

  • WSDL and API version: 2008-02-01 or later
  • API Tools: 1.3-19403 2008-02-01

Note: You can check version information using the ec2ver command.

Allocating an Elastic IP Addresses for Account

The ec2-allocate-address command assigns an EC2 Elastic IP Address to an account. An Elastic IP address is associated with an account and billed accordingly until the address is released using ec2-release-address command.

This example allocates a new address for the account:

ec2-allocate-address
  ADDRESS 75.101.155.119

Describing Elastic IP Addresses for Account

After allocating an address, use ec2-describe-addresses to view the addresses allocated to the account. The IP parameter specifies the IP(s) to describe. If unspecified, all addresses allocated are returned.

This example shows that two Elastic IPs are allocated to the account:

ec2-describe-addresses
  ADDRESS 75.101.157.145
  ADDRESS 75.101.155.119

ec2-describe-addresses 75.101.157.145
  ADDRESS 75.101.157.145

Associating an Elastic IP Address with a Running Instance

Once an Elastic IP Address is allocated, you can map it to a running instance. Use ec2-describe-instances to select the instance ID of a running instance and use ec2-associate-address to create the mapping.

ec2-describe-instances
  RESERVATION      r-ae33c2c7      924417782495    default
  INSTANCE         i-b2e019da      ami-2bb65342    ec2-72-44-33-67.compute-1.amazonaws.com  ip-10-251-71-165.ec2.internal   running  gsg-keypair     0               m1.small        2008-03-03T23:09:09+0000       us-east-1a
  INSTANCE         i-b2e019db      ami-2bb65342    ec2-67-202-3-83.compute-1.amazonaws.com  ip-10-251-47-36.ec2.internal    running  gsg-keypair     1               m1.small        2008-03-03T23:09:09+0000       us-east-1a

ec2-describe-addresses
  ADDRESS 75.101.157.145

This example associates the Elastic IP 75.101.157.145 with instance ID i-b2e019da:

ec2-associate-address -i i-b2e019da  75.101.157.145

  ADDRESS 75.101.157.145   i-b2e019da

The ec2-associate-address call is processed by the EC2 Cloud. This will take a few minutes to complete.

After a successful call to ec2-associate-address, you will see the new IP associated with his instance by using ec2-describe-addresses.

ec2-describe-addresses
  ADDRESS 75.101.157.145   i-b2e019da

ec2-describe-instances i-b2e019da
  RESERVATION      r-ae33c2c7      924417782495    default
  INSTANCE         i-b2e019da      ami-2bb65342    ec2-75-101-157-145.compute-1.amazonaws.com  ip-10-251-71-165.ec2.internal   running  gsg-keypair     0               m1.small        2008-03-03T23:09:09+0000       us-east-1a

In most cases, this will typically take less than a few minutes from when you instruct us to remap the Elastic IP.

Note: Instances only have one Internet routable IP address. When an Elastic IP is associated to an instance, the instance's existing Public IP address mapping is removed and is no longer valid for this instance.

Associating an Elastic IP Address with a Different Running Instance

You might want to remap the Elastic IP to another instance.

In this example the account has two instances running i-b2e019da and i-b2e019db. The following example remaps Elastic IP Address 75.101.157.145 from the current instance ID i-b2e019da (completed above) to instance ID i-b2e019db.

ec2-describe-addresses
  ADDRESS 75.101.157.145   i-b2e019da
  
ec2-associate-address -i i-b2e019db  75.101.157.145
  ADDRESS 75.101.157.145   i-b2e019db

Once the system updates have completed, network traffic sent to the Elastic IP 75.101.157.145 will be 1:1 NAT'd and sent to the internal IP of the instance i-b2e019db.

ec2-describe-addresses
  ADDRESS 75.101.157.145   i-b2e019db

The instance i-b2e019da no longer has a Public IP Address because the Elastic IP was removed to remap it to another instance. This means that the instance is no longer reachable from the internet. However, the instance is still reachable from within the cloud via the Private IP Address.

ec2-describe-instances
  RESERVATION      r-ae33c2c7      924417782495    default
  INSTANCE         i-b2e019da      ami-2bb65342    <<BLANK>>    ip-10-251-71-165.ec2.internal   running gsg-keypair     0               m1.small        2008-03-03T23:09:09+0000       us-east-1a
  INSTANCE         i-b2e019db      ami-2bb65342    ec2-75-101-157-145.compute-1.amazonaws.com  ip-10-251-47-36.ec2.internal    running  gsg-keypair     1               m1.small        2008-03-03T23:09:09+0000       us-east-1a

In the background, a process is running that will re-configure another Public IP address for the instance. This process can take a few minutes and, when complete, the ec2-describe-instances returns the updated information and the instance will again be reachable from the internet on this newly assigned Public IP.

ec2-describe-instances
  RESERVATION      r-ae33c2c7      924417782495    default
  INSTANCE         i-b2e019da      ami-2bb65342    ec2-67-202-46-87.compute-1.amazonaws.com    ip-10-251-71-165.ec2.internal   running  gsg-keypair     0               m1.small        2008-03-03T23:09:09+0000       us-east-1a
  INSTANCE         i-b2e019db      ami-2bb65342    ec2-75-101-157-145.compute-1.amazonaws.com  ip-10-251-47-36.ec2.internal    running  gsg-keypair     1               m1.small        2008-03-03T23:09:09+0000       us-east-1a

Note: There is no guarantee that an instance will be configured with its original Public IP address that existed prior to being mapped. In fact, it is highly likely that you will receive a totally different Public IP address.

Terminating running Instance Having an Associated Elastic IP

Calling ec2-terminate-instance first disassociates the Elastic IP from the instance and then completes the termination process. Upon completion of this call, the Elastic IP will be in an unmapped state and, if not associated to another instance, will be charged for each full hour not mapped to a running instance.

Disassociating an Elastic IP Address from Running Instance

To remove the current mapping of the Elastic IP, use the ec2-disassociate-address command.

This example shows the current mapping, removes the mapping, and then confirms the mapping was removed.

ec2-describe-addresses

  ADDRESS 75.101.157.145   i-b2e019db

ec2-disassociate-address 75.101.157.145
  ADDRESS 75.101.157.145
  
ec2-describe-addresses
  ADDRESS 75.101.157.145
  

Upon completion of this call the Elastic IP will be in an unmapped state. Elastic IP addresses will accrue a charge for each full hour the address is not attached/mapped to an instance.

Releasing an Elastic IP Addresses from Account

To release an Elastic IP from an account use ec2-release-address. The IP parameter specifies the Elastic IP Address to be released.

This example shows the existing Elastic IP on the account, releases it, and confirms the release:

ec2-describe-addresses
  ADDRESS 75.101.157.145

ec2-release-address 75.101.157.145
  ADDRESS 75.101.157.145

ec2-describe-addresses

  <BLANK>

If the ec2-release-address command is called while an Elastic IP is mapped to an instance, the system first removes the current mapping to an instance ID, and then removes the Elastic IP from the account. After releasing an Elastic IP address, you cannot get it back.

Elastic IP Addresses Frequently Asked Questions (FAQ)

Why am I limited to 5 Elastic IP addresses? Why am I charged when my Elastic IP address is not associated with an instance?

Public (IPV4) internet addresses are a scarce resource. There is only a limited amount of public IP space available, and Amazon EC2 is committed to helping use that space efficiently.

By default, all accounts are limited to 5 Elastic IP addresses. If you need more than 5 Elastic IP addresses, we ask that you apply for your limit to be raised. We will ask you to think through your use case and help us understand your need for additional addresses. You can apply for more Elastic IP addresses here.

In order to help ensure our customers are efficiently using the Elastic IP addresses that they have associated with their account, we impose the $.01/hr charge when these IP addresses are not mapped to an instance.

Can an instance have more than one Elastic IP or Public IP?

Today, an instance can only have one Internet routable IP address. If an Elastic IP is mapped to an instance its existing Public IP address mapping is removed.

What happens to the Public IP of my instance when I associate an Elastic IP to that instance?

To map an Elastic IP to an instance the existing Public IP mapping must first be removed. Once the mapping of the Elastic IP to the instance is complete, the original Public IP is returned to the general IP address pool and will eventually be reused within the cloud.

What happens if an Elastic IP (EIP1) is already associated to an instance and then a second Elastic IP (EIP2) associated to the instance?

The last ec2-associate-address call made will be the one applied to the instance; in this case EIP2 will be associated with the instance once the mapping propagates. EIP1 will be disassociated, but will remain associated with your EC2 account.

If an Elastic IP is removed from an instance is the instance reachable from the internet?

Removing the Elastic IP from an instance temporarily leaves the instance without a Public IP Address. A background process in the cloud will re-assign a new Public IP to the instance after a short period of time. The instance will remain reachable from within the cloud on its private IP address during this process.

How long does it take to remap an Elastic IP address?

In most cases, this will typically take less than a few minutes from when you instruct us to remap the Elastic IP, and we are continuing to work to make this even faster.

Why do existing connections still work after I associate a new IP address to an instance?

When you remap an Elastic IP to an instance, some of your preexisting communications (to the old and now unmapped IP address) will continue to work even after the remap. For example, if you have an open ssh connection to an instance via its system assigned Public IP address and subsequently associate one of your Elastic IP addresses with that instance, the ssh session might continue to function normally for some time. This behavior is expected but unreliable. We strongly urge you to reestablish connections via the new remapped IP addresses to ensure that your software functions correctly.

When you remap an IP address, we propagate the new mapping throughout the EC2 network. Because of the behavior of some network devices, existing communications (defined as established source IP, destination IP, port combinations) might continue to utilize preexisting mappings until the devices refresh their caches. This results in existing connections continuing to work. However, because of the highly distributed nature of the EC2 network and the way these devices function, these communications can become invalid at any time. Therefore, you should reestablish all connections through your remapped IP address.

Finally, as we continue to release optimizations to the EC2 network to reduce the propagation time of Elastic IP updates, these optimizations will also more quickly purge the network of any cached mappings. It is our ultimate goal to immediately break all existing communications when an IP address is remapped.

If an instance re-starts does the mapping of Elastic IP Address become invalid?

A reboot or restart of an instance has no impact on the mapping of an Elastic IP to it. However, terminating an instance will remove the mapping and the Elastic IP will then be charged for each full hour it is not mapped to another instance.

Comments

Choosing the IP address base on geographical location
Hi, There are plenty of applications that limit its functionality based on the country of the user. Those applications use the geographical location of the IP address of the user to implement such a restriction. It would be nice if Amazon E2C let you choose the geographical location of the elastic IP addresses you want to use. Or at least define with more granularity the availability zones to be able to run your instances in a DEC country (and probably with an DEC address of that country).
Juan Fco. Rguez. Hervella on April 9, 2009 8:11 PM GMT
Please explain how to map a normal domain name
Please explain how to map a normal domain name to Amazon (for exemple, with www.GoDaddy.com?) Does it use a CNAME, what TTL should we use, etc.
camalartre on December 3, 2008 8:50 PM GMT
Great feature for maintaining up time.
As far as load balancing, you would never use public addresses for that, elastic or otherwise. The public address is the balancer, and the target machines are all mapped to internal addresses.
toadskin on October 29, 2008 7:04 PM GMT
Congratulations
It is a great new to have this new feature.. which makes our life much easier.. The next Step would be to have Load Balancing Features joined with the Elastic IP Feature. So we could associate several machines to one Elastic IP... but for that we should need to have the possibility to assign 2 Elastic Ip Address to one Instance.
yokinator on March 27, 2008 4:33 PM GMT
We are temporarily not accepting new comments.
©2014, Amazon Web Services, Inc. or its affiliates. All rights reserved.