We have an existing EC2 Server 2008 instance in a VPC with an elastic IP associated to the eth0 network interface. We added an additional network interface, eth1, to the instance and this interface also has an elastic IP address that we are binding to a different website.

Before making this change, the instance was recognized from outside the Amazon network by the elastic IP address attached to the eth0 network interface. After rebooting the server, the server is now recognized outside of the network as the elastic IP address attached to network interface eth1.

When I say recognized, I mean that outside resources are now seeing the instance as the elastic IP address attached to the secondary network interface. Using http://whatismyipaddress.com/ from the server shows the elastic IP address attached to the eth1 network interface instead of the eth0 network interface. As this server connects to other outside services that have restrictions on what IP addresses are able to make connections, it is now being blocked. It is also a mail server, and I prefer to stay on the IP address that has a reputation built.

How can I make the server appear to the outside as the elastic ip address that I have associated to the eth0 network interface instead of the elastic ip address associated to eth1?

John Sieber
  • What do you mean "recognized"? Can you ping both elastic IPs from the internet? How about from another instance in the same subnets as each ENI? Are the ENIs in the same subnet, and if not do both subnets have a route to the internet gateway? – Tim May 03 '17 at 19:07
  • When I say recognized, I mean that outside resources are now seeing the instance as the elastic IP address attached to the secondary network interface. As this server connects to other outside services that have restrictions on what IP addresses are able to make connections, it is now being blocked. It is also a mail server, and I prefer to stay on the IP address that has a reputation built. – John Sieber May 03 '17 at 19:11
  • Ah ok. Suggest you add that and any other relevant context to your questions, so people don't have to go searching through all the comments to understand your question. For example, why have you added another ENI / public IP? – Tim May 03 '17 at 19:12
  • My gut feel here is the software on the instance is using the second IP, and that the solution will be to configure the software to use the correct ENI/public IP. I don't know how to do that, but I think a little time on Google will give an answer. Also, someone else may know how to do it. – Tim May 03 '17 at 19:16
  • [Read this](https://blogs.technet.microsoft.com/networking/2009/04/24/source-ip-address-selection-on-a-multi-homed-windows-computer/) and [this](https://social.technet.microsoft.com/Forums/windowsserver/en-US/225327ef-89c8-41fb-8316-175f8718e2da/windows-server-2008-using-multiple-static-ip-addresses?forum=winserverPN). They have a good chance of leading you to a solution. – Tim May 03 '17 at 19:44
  • Thanks Tim for helping. I ended up disassociating both elastic IP addresses and then associated them to the opposite network interfaces. Not sure if this was the best approach, but it resolved my issue. – John Sieber May 03 '17 at 20:00

1 Answer

I ended up doing the following to resolve this issue.

I disassociated both elastic IP addresses that were connected to my instance, taking note of what network interface each was attached to. I then associated the elastic IP addresses to the opposite network interfaces for the instance. I then had to update my binding for websites in IIS, but my server was back to showing the original elastic IP address to outside services.

John Sieber
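The swap described in this answer, written out as AWS CLI commands. This is an added example, not part of the original post: the function names, interface and allocation IDs, and addresses are constructed placeholders, and it assumes each Elastic IP is mapped to its interface's primary private IP.

```shell
#!/bin/sh
# Added example: plan the Elastic IP swap between the two ENIs of one instance.

# List the instance's Elastic IPs, one per line, tab-separated:
#   NetworkInterfaceId  AllocationId  AssociationId  PublicIp
fetch_addresses() {  # $1 = instance ID; needs AWS CLI credentials
  aws ec2 describe-addresses \
    --filters "Name=instance-id,Values=$1" \
    --query 'Addresses[].[NetworkInterfaceId,AllocationId,AssociationId,PublicIp]' \
    --output text
}

# Read that listing on stdin and print the commands that move each Elastic IP
# to the other interface. Fails unless exactly two different ENIs hold one
# Elastic IP each, so a partial or unexpected layout is never half-swapped.
plan_swap() {
  awk -F'\t' '
    NF == 4 { eni[++n] = $1; alloc[n] = $2; assoc[n] = $3 }
    END {
      if (n != 2 || eni[1] == eni[2]) exit 1
      # Release both addresses first, noting which ENI each one came from.
      for (i = 1; i <= 2; i++)
        printf "aws ec2 disassociate-address --association-id %s\n", assoc[i]
      # Re-associate each allocation with the opposite ENI (index 3 - i).
      for (i = 1; i <= 2; i++)
        printf "aws ec2 associate-address --allocation-id %s --network-interface-id %s\n", alloc[i], eni[3 - i]
    }' || { echo "expected one Elastic IP on each of two ENIs" >&2; return 1; }
}

# Constructed sample listing (placeholder IDs, documentation-range addresses).
SAMPLE_ADDRESSES="$(printf '%s\t%s\t%s\t%s\n' \
  eni-0aaa eipalloc-0111 eipassoc-0a1 203.0.113.10 \
  eni-0bbb eipalloc-0222 eipassoc-0b2 203.0.113.20)"

# Print the plan for the sample. Against a real instance, review the output of
#   fetch_addresses <instance-id> | plan_swap
# before piping it to sh.
printf '%s\n' "$SAMPLE_ADDRESSES" | plan_swap
```

Both addresses are unreachable from outside between the disassociate and associate steps, so run the plan in a maintenance window and afterwards confirm the address the server presents to outside services.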