Can't connect to DAX from EC2 instance in same VPC

Question

I'm in my EC2 instance in the same VPC as my DAX cluster....the cluster's SG is default (allow all) and I still can't connect

Here's an abbreviated code sample:

from amazondax import AmazonDaxClient

dax = AmazonDaxClient(
    endpoint_url="mycluster.i5cagb.clustercfg.dax.use1.cache.amazonaws.com:8111"
)

After waiting a bit, I get this error:

Failed to configure cluster endpoints from 
[('mycluster.i5cagb.clustercfg.dax.use1.cache.amazonaws.com', 8111)]

I tried diagnosing with nc too:

$ nc -zv mycluster.i5cagb.clustercfg.dax.use1.cache.amazonaws.com 8111
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connection to 172.31.43.69 failed: Connection timed out.
Ncat: Trying next address...
Ncat: Connection to 172.31.58.224 failed: Connection timed out.
Ncat: Trying next address...
Ncat: Connection timed out.

What do you mean by "allow all"? Do you have an inbound rule on the SG that allows all traffic? What is the network topology of the EC2 instances and cluster within the VPC? Are the EC2 instances in the same SG as the cluster? It does look like a network reachability problem. Basically you need to ensure that there is nothing blocking the traffic between the EC2 instance and the cluster network interface. There is a step in the [documentation](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.create-cluster.console.configure-inbound-rules.html) about configuring the SG rules — Abdelrahman Elhaddad, Oct 22 '19 at 20:41
Thanks @AbdelrahmanElhaddad it ultimately did end up being a SG issue. — Mark Richman, Oct 29 '19 at 11:09

score 1 · Accepted Answer · answered Oct 29 '19 at 11:09

1

As @AbdelrahmanElhaddad pointed out in his comment, this ended up being a security group issue.

answered Oct 29 '19 at 11:09

Mark Richman

28,948
25
99
159

Specifically, I hadn't set a `SecurityGroupIds` entry on my cluster. – Ben Dec 09 '20 at 02:27

Can't connect to DAX from EC2 instance in same VPC

1 Answers1