The EC2 instance can't access the internet in a public subnet without an Elastic IP address?

Angle Tom · Jan 13, 2016 · Viewed 25.2k times

I am working on AWS. I created a public subnet which has a network ACL that allows all network traffic, and it is associated with an internet gateway in the route table.

Then I created an EC2 instance without an Elastic IP and an EC2 instance with an Elastic IP in it, and the security group also allows all traffic.

I SSH to the instance which has the Elastic IP. It works well when I run yum update and curl www.baidu.com and so on. But I can't access the internet when I SSH to the EC2 instance which has no Elastic IP. Does anyone know why that is?

Answer

Mayank Ahuja · Jan 14, 2016

To access the internet from an EC2 instance in a public subnet using an Internet Gateway, the instance needs to have a public IP address. One can either configure the instance to have a public IP address or attach an EIP.

Reference: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Internet_Gateway.html

If you do not want to attach a public IP address for instances with Internet access (consider private subnets), a NAT instance or NAT gateway can help.

Reference: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-nat.html
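
An added example, not part of the question or the answer above: a small Python check that classifies each instance's outbound path from the subnet's default route and the presence of a public IP, which is the condition the answer describes. The sample data is constructed and assumes a single VPC; the field names follow the JSON returned by `aws ec2 describe-route-tables` and `aws ec2 describe-instances`.

```python
# Added example. Sample data below is constructed, shaped like the JSON from
# `aws ec2 describe-route-tables` and `aws ec2 describe-instances` (one VPC assumed).
ROUTE_TABLES = [
    {"Associations": [{"SubnetId": "subnet-public"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]},
]
INSTANCES = [
    {"InstanceId": "i-with-eip", "SubnetId": "subnet-public", "PublicIpAddress": "203.0.113.10"},
    {"InstanceId": "i-no-public-ip", "SubnetId": "subnet-public"},
    {"InstanceId": "i-private", "SubnetId": "subnet-private"},
]

def default_route(subnet_id, route_tables):
    """Return the 0.0.0.0/0 route of the subnet's table, falling back to the main table."""
    main = explicit = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                explicit = rt
            elif assoc.get("Main"):
                main = rt
    table = explicit or main
    routes = table.get("Routes", []) if table else []
    return next((r for r in routes if r.get("DestinationCidrBlock") == "0.0.0.0/0"), None)

def egress_path(instance, route_tables):
    """Classify how (or whether) the instance can reach the internet over IPv4."""
    route = default_route(instance["SubnetId"], route_tables)
    if route is None:
        return "no default route"
    if route.get("NatGatewayId"):
        return "NAT gateway"
    if route.get("InstanceId"):  # default route targets a NAT instance
        return "NAT instance"
    if not (route.get("GatewayId") or "").startswith("igw-"):
        return "no internet route"
    if instance.get("PublicIpAddress"):  # auto-assigned public IP or attached EIP
        return "internet gateway"
    return "blocked: internet gateway route but no public IP or EIP"

if __name__ == "__main__":
    for inst in INSTANCES:
        print(inst["InstanceId"], "->", egress_path(inst, ROUTE_TABLES))
```

The second constructed instance reproduces the situation in the question: the subnet routes to an internet gateway, but the instance has no public address for the gateway to translate.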