Adding additional Elastic IPs to a single EC2 instance

When hosting websites on EC2 instances it’s pretty common to need to point multiple Elastic IPs to a single EC2 instance, normally to allow the use of multiple SSL certificates. This is pretty easy to do, but a little confusing at first if you’re not used to the sysadmin world.

It’s important to understand that each NIC (network interface) can only have a single Elastic IP address bound to it. Most instances are not launched with spare NICs attached, and as such you will have to create and attach an additional NIC to which you can associate (point) the additional Elastic IP.

Note: The number of NICs you can attach to an EC2 instance is limited by the size of the instance. For example, a micro instance can at the point of writing only support two NICs (therefore limiting you to using only two Elastic IPs). You can get around this by using a load balancer.

Creating & attaching an additional Network Interface

  1. First log into your AWS account and pull up the EC2 Dashboard.
  2. From there select ‘Network Interfaces’ under the Network & Security tab on the left hand menu and click ‘Create Network Interface’ (the big blue button at the top).
  3. A pop up will appear and you can name the new interface something meaningful to you. Then add it to the subnet that the EC2 server is currently in. (If you’re not sure which subnet this is you can find it by looking at the instance details on the ‘Instances’ page.)
  4. Once you have selected a subnet the security groups available on that subnet will be listed. Select the groups that allow through the traffic you need (you can always add more / change this later if you need to).
  5. If you want to manually assign the private IP address you can do so at this stage, but I tend to leave it blank which will auto assign an address for you out of the VPC’s range.

Once you have created the NIC, pull up its details from the list and make a note of the Primary Private IP and the Network Interface ID. The Primary Private IP is where your EC2 instance will see the traffic as originating from. If you need to set up SSL certificates, for example, it is this private IP that you will listen for / specify in the config file, not the Elastic IP address.

Next you need to attach this new NIC to your EC2 instance. To do this select it from the list and choose the ‘Attach’ button at the top of the page. Select the instance you want to attach the NIC to from the dropdown list and click ‘Attach’. At this point the NIC will be attached to the instance and be ready to receive / send traffic.

Associating an Elastic IP

You can now head over to the Elastic IPs section (on the left nav). If you have a spare IP listed you can use this, or alternatively you can click ‘Allocate New Address’ to create an additional one. Select the Elastic IP from the list and, using the Network Interface ID you noted earlier (when you created the NIC), find the interface in the network interface field and hit ‘Associate’.

You’re done! The Elastic IP will now pass traffic to your instance, and the instance will identify this traffic as coming from the private IP you noted earlier.
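
The console steps above, scripted with the AWS CLI, as an added example that is not part of the original post. It assumes the CLI already has credentials and a region configured, that the instance has only its primary NIC (so the new one takes device index 1), and that you pass a security group you have chosen to allow only the traffic you need; the function name `add_eip_via_new_eni` is hypothetical.

```shell
#!/usr/bin/env bash
# Added example: create a NIC, attach it, allocate an Elastic IP and
# associate it, mirroring the console walkthrough.

# add_eip_via_new_eni INSTANCE_ID SECURITY_GROUP_ID [DEVICE_INDEX]
# Prints "<eni-id> <private-ip> <allocation-id>" on success.
add_eip_via_new_eni() {
  local instance_id="$1" sg_id="$2" device_index="${3:-1}"
  local subnet_id eni_id private_ip alloc_id

  # The new NIC must be created in the subnet the instance is already in.
  subnet_id=$(aws ec2 describe-instances --instance-ids "$instance_id" \
    --query 'Reservations[0].Instances[0].SubnetId' --output text) || return 1

  # No private IP is specified, so one is auto-assigned from the subnet.
  eni_id=$(aws ec2 create-network-interface --subnet-id "$subnet_id" \
    --groups "$sg_id" --description "extra EIP for $instance_id" \
    --query 'NetworkInterface.NetworkInterfaceId' --output text) || return 1

  # Primary private IP: the address to use in the web server / SSL config.
  private_ip=$(aws ec2 describe-network-interfaces \
    --network-interface-ids "$eni_id" \
    --query 'NetworkInterfaces[0].PrivateIpAddress' --output text) || return 1

  # Assumption: device index 1 is free (only the primary NIC is attached).
  aws ec2 attach-network-interface --network-interface-id "$eni_id" \
    --instance-id "$instance_id" --device-index "$device_index" \
    >/dev/null || return 1

  # Allocate a new Elastic IP and associate it with the new NIC.
  alloc_id=$(aws ec2 allocate-address --domain vpc \
    --query 'AllocationId' --output text) || return 1
  aws ec2 associate-address --allocation-id "$alloc_id" \
    --network-interface-id "$eni_id" >/dev/null || return 1

  echo "$eni_id $private_ip $alloc_id"
}

# Runs only when arguments are given, e.g. (constructed IDs):
#   ./add-eip.sh i-0123456789abcdef0 sg-0123456789abcdef0
if [ "$#" -ge 2 ]; then add_eip_via_new_eni "$@"; fi
```

The function stops at the first failing step, so a failed attach does not go on to allocate an Elastic IP that would count against the account limit.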

 

Note: Whilst the number of NICs you can use is limited by the instance’s size, Elastic IPs are limited per account (by default to five). This limit can be increased by raising a support ticket so long as you can justify the need.