
If I bring up two Amazon EC2 instances and run nslookup on one for the other's hostname, Amazon will return a 10.* address. This is routable within Amazon, and works just fine.

But does this work between different accounts? If I use one of my nodes to nslookup a hostname belonging to another customer (but still in the same datacenter) will it resolve as a 10.* address or will it give the standard public IP?

Steffen Opel

1 Answer

Yes, if you DNS resolve (nslookup, dig) any EC2 hostname as assigned by EC2 from within the same EC2 region, Amazon's DNS will return the private IP address, even if you are resolving the public DNS name (e.g., ec2-NN-NN-NN-NN.compute-1.amazonaws.com) and even if the instance is in a different AWS account or a different EC2 availability zone in the region.

If you DNS resolve a non-Amazon hostname that is a CNAME to the public DNS hostname from within the same EC2 region, it will also return the private IP address.

Here's an article I wrote that talks about using external DNS names to resolve to the internal IP address even with elastic IP addresses: http://alestic.com/2009/06/ec2-elastic-ip-internal

Other notes:

All internal/private (10.*) IP addresses will work between all standard EC2 instances in all availability zones in all accounts within a given EC2 region.

The internal IP addresses are not usable outside of an EC2 region or between EC2 regions. Private IP addresses within EC2 VPC follow different rules.

You can use EC2 security groups to protect your EC2 instances from other EC2 instances in the EC2 region and from systems outside of the EC2 region.

Eric Hammond
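As an added example (not part of the answer above), here is a small Python check that classifies the addresses a resolver returns for EC2 hostnames, so you can confirm from inside an instance that a peer's public DNS name (or a CNAME pointing at it) is coming back as a region-internal 10.* address rather than its public IP. Hostnames and addresses in the sample are constructed; `resolve()` does a live lookup through the instance's configured resolver.

```python
"""Classify DNS answers for EC2 hostnames as internal (10.*) or public."""
import ipaddress
import socket

# EC2 classic instances in a region get private addresses from 10.0.0.0/8.
EC2_INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
# The other RFC 1918 blocks; seen e.g. inside VPCs, which follow different rules.
OTHER_RFC1918 = [
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
]


def classify(address: str) -> str:
    """'internal' for a 10.* answer, 'private-other' for 172.16/12 or 192.168/16,
    otherwise 'public'."""
    ip = ipaddress.ip_address(address)
    if ip in EC2_INTERNAL_NET:
        return "internal"
    if any(ip in net for net in OTHER_RFC1918):
        return "private-other"
    return "public"


def classify_answers(answers: dict) -> dict:
    """Map each hostname in {hostname: [address, ...]} to one verdict.

    Only when every answer is 10.* will traffic stay on the region's internal
    network; any public answer means the connection would leave via the public IP.
    """
    result = {}
    for host, addrs in answers.items():
        kinds = {classify(a) for a in addrs}
        if kinds == {"internal"}:
            result[host] = "internal"
        elif "public" in kinds:
            result[host] = "public"
        else:
            result[host] = "private-other"
    return result


def resolve(hostname: str) -> list:
    """Live A-record lookup using the instance's resolver (needs network)."""
    infos = socket.getaddrinfo(hostname, None, socket.AF_INET)
    return sorted({info[4][0] for info in infos})


if __name__ == "__main__":
    # Constructed sample: the same public DNS name resolved inside vs. outside the region.
    sample = {
        "ec2-203-0-113-10.compute-1.amazonaws.com (inside region)": ["10.1.2.3"],
        "ec2-203-0-113-10.compute-1.amazonaws.com (outside region)": ["203.0.113.10"],
    }
    for host, kind in classify_answers(sample).items():
        print(f"{host}: {kind}")
```

To check a real peer from an EC2 instance, call `classify_answers({name: resolve(name)})` with the peer's public DNS name or your own CNAME to it.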