0

I have a single ENI connected to a t2.micro EC2 instance.

It has an Elastic IP xxx.xxx.xxx.xxx associated with the "primary private IP address".

I added a "secondary private IP Address" to the ENI and associated it with another Elastic IP yyy.yyy.yyy.yyy

All ICMP traffic is allowed on the security group associated with the ENI.

I am able to ping xxx.xxx.xxx.xxx but I am unable to ping yyy.yyy.yyy.yyy.

The EC2 Operating System is Debian Buster.

How do I configure so that yyy.yyy.yyy.yyy is accessible from the Internet?

Siju George
  • 155
  • 9

1 Answers1

0

Adding a "secondary private IP address" through the AWS interface will add the IP Address to the Operating System interface such as "eth0" in Linux effectively only for AMIs from AWS.

For private AMIs such as Debian Buster, the "secondary private IP address" added through the AWS interface should also be manually added to the Operating system interface such as "eth0" by executing command inside the EC2 instance.

Eg:

If the Secondary IP Address added through the AWS interface is "172.16.10.2"

and

the Network interface of the Operating System is "eth0"

then the command to be executed is:

$ sudo ip addr add 172.16.10.2 dev eth0

In general,the command for Linux would be

ip addr add <ip_address> dev <interface>

To make the change persist after reboot the easiest way is to add a corn entry for root.

Use the command

$ sudo crontab -e

and create an entry such as

# Add Secondary Private Ip Address to 'eth0'
@reboot ip addr add 172.31.17.171 dev eth0

Reboot the EC2 instance and check if the entry persists with the command

$ip a

For other Unix-like systems, there are corresponding commands and configurations to add more than one IP address (aliases) to the interface.

eg: OpenBSD , FreeBSD

Siju George
  • 155
  • 9